CVE-2026-31989
SSRF Vulnerability in OpenClaw Web_Search Allows Internal Requests

Publication date: 2026-03-19

Last updated on: 2026-03-19

Assigner: VulnCheck

Description
OpenClaw versions prior to 2026.3.1 contain a server-side request forgery vulnerability in web_search citation redirect resolution that uses a private-network-allowing SSRF policy. An attacker who can influence citation redirect targets can trigger internal-network requests from the OpenClaw host to loopback, private, or internal destinations.
Meta Information
Published: 2026-03-19
Last Modified: 2026-03-19
Generated: 2026-05-07
AI Q&A: 2026-03-19
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor: openclaw
Product: openclaw
Version / Range: versions before 2026.3.1 (2026.3.1 itself excluded)
CWE ID and Description
CWE-918: The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-31989 is a Server-Side Request Forgery (SSRF) vulnerability found in OpenClaw versions prior to 2026.3.1. It occurs in the web_search citation redirect resolution feature, which used a policy allowing requests to private networks. This means an attacker who can control citation redirect targets can trick the OpenClaw server into making unauthorized requests to internal network addresses such as loopback, private, or other internal destinations.

The vulnerability arises because the server does not properly verify that the destination of the redirected request is legitimate or expected, enabling potential access to sensitive internal resources.


How can this vulnerability impact me?

This vulnerability can allow an attacker to induce the OpenClaw host to make unauthorized requests to internal network resources. Such requests could expose sensitive internal services or data that are normally protected from external access.

Because the attacker can influence citation redirect targets, they can potentially access or interact with internal systems that should not be reachable from outside, leading to information disclosure or further exploitation within the internal network.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability involves Server-Side Request Forgery (SSRF) in OpenClaw versions prior to 2026.3.1, specifically in the web_search citation redirect feature that allows requests to internal network destinations.

To detect exploitation attempts on your network or system, you can monitor for unusual outbound HTTP requests originating from the OpenClaw host to internal IP ranges such as loopback (127.0.0.1), private IP ranges (e.g., 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16), or other internal network addresses.

Suggested commands include using network monitoring tools or packet capture utilities to filter such traffic. For example:

- Using tcpdump to capture HTTP requests to private IP ranges: tcpdump -i <interface> '(dst net 10.0.0.0/8 or dst net 172.16.0.0/12 or dst net 192.168.0.0/16 or dst host 127.0.0.1) and port 80'
- Using netstat or ss to check for established connections from the OpenClaw process to internal IPs.
- Reviewing OpenClaw logs for citation redirect requests that contain suspicious or attacker-controlled URLs targeting internal network addresses. [1, 2]


What immediate steps should I take to mitigate this vulnerability?

The primary mitigation step is to upgrade OpenClaw to version 2026.3.1 or later, where the SSRF vulnerability has been fixed by enforcing a strict SSRF policy that disallows redirects to localhost, private, or internal network destinations.

Until the upgrade can be applied, consider restricting the OpenClaw server's network access to prevent it from making requests to internal or private IP ranges.

Additionally, monitor and audit citation redirect targets to ensure they are not attacker-controlled or pointing to internal network addresses. [1, 2]
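The strict policy the fix introduces, contrasted with the private-network-allowing one, as an added example that is not OpenClaw's code: the block list, resolver table and redirect chain are constructed here, and the point it shows is that the destination check has to run after name resolution and at every redirect hop, not only on the first URL.

```python
import ipaddress
from urllib.parse import urlparse
# Constructed block list; the exact ranges OpenClaw 2026.3.1 enforces are not on this page.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "100.64.0.0/10", "::1/128", "fc00::/7", "fe80::/10")]

FAKE_DNS = {  # constructed resolver table standing in for real DNS lookups
    "search.example.com": ["203.0.113.10"],
    "cite.example.net": ["198.51.100.7"],
    "mixed.example.org": ["203.0.113.20", "10.0.0.5"],  # one public, one private record
}
REDIRECTS = {  # constructed redirect chain: URL -> the Location header it answers with
    "https://search.example.com/r?id=1": "https://cite.example.net/paper",
    "https://search.example.com/r?id=2": "http://127.0.0.1:8080/admin",
    "https://search.example.com/r?id=3": "https://mixed.example.org/x",
}

def ip_is_internal(ip_text):
    ip = ipaddress.ip_address(ip_text)
    ip = getattr(ip, "ipv4_mapped", None) or ip  # ::ffff:10.0.0.1 is judged as 10.0.0.1
    return any(ip in net for net in BLOCKED_NETWORKS)

def permissive_policy(url, resolve):
    """Private-network-allowing policy (the pre-2026.3.1 behaviour): scheme check only."""
    return urlparse(url).scheme in ("http", "https")

def strict_policy(url, resolve):
    """Refuse loopback, private and link-local destinations, judged after name resolution."""
    parts = urlparse(url)
    host = parts.hostname
    if parts.scheme not in ("http", "https") or not host or host.split(".")[-1] == "localhost":
        return False
    try:
        ipaddress.ip_address(host)
        addresses = [host]            # IP literal: nothing to resolve
    except ValueError:
        addresses = resolve(host)     # hostname: every record must be external (None if unknown)
    return bool(addresses) and not any(ip_is_internal(a) for a in addresses)

def resolve_citation_redirect(url, policy, resolve, redirects, max_hops=5):
    """Follow a redirect chain, applying the policy to every hop, not only the first URL."""
    for _ in range(max_hops + 1):
        if not policy(url, resolve):
            return None               # blocked destination: do not fetch it
        nxt = redirects.get(url)
        if nxt is None:
            return url                # final destination that passed the policy
        url = nxt
    return None                       # too many hops
```

With `permissive_policy` the chain for id=2 ends at the loopback admin URL; with `strict_policy` it is refused at the redirect hop, and id=3 is refused because one of the host's records is private.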

