Executive Summary

[{'type': 'paragraph', 'content': "CVE-2026-32064 is a security vulnerability in OpenClaw versions prior to 2026.2.21 affecting the sandbox browser's noVNC observer feature. The sandbox browser entrypoint launched the x11vnc server without requiring password authentication for noVNC observer sessions. This allowed remote attackers with access to the host's loopback interface (127.0.0.1) to connect to the exposed noVNC port without credentials, enabling them to observe or interact with the sandbox browser."}, {'type': 'paragraph', 'content': "The vulnerability is classified under CWE-306 (Missing Authentication for Critical Function) and has a high severity rating. The root cause was that the x11vnc server was started with the '-nopw' option, disabling password authentication."}, {'type': 'paragraph', 'content': 'The fix involved enforcing VNC password authentication by generating a unique per-container password at runtime, injecting it via environment variables, and requiring authentication for noVNC observer sessions. Additionally, the system replaced embedding passwords in URLs with short-lived, one-time observer tokens to prevent password exposure.'}] [1, 2, 3, 4]

Useful 0 Not Useful 0

Impact Analysis

[{'type': 'paragraph', 'content': "This vulnerability allows unauthorized users who have access to the host's loopback interface to connect to the noVNC observer port without authentication. They can observe or interact with the sandbox browser sessions without credentials."}, {'type': 'paragraph', 'content': "Such unauthorized access can lead to exposure of sensitive information displayed or processed within the sandbox browser, potential manipulation of browser sessions, and compromise of the sandbox environment's integrity."}, {'type': 'paragraph', 'content': 'Although the noVNC port is bound to the loopback interface by default, misconfiguration or explicit port publishing could expose it more broadly, increasing the risk.'}] [2, 4]

Useful 0 Not Useful 0

Compliance Impact

I don't know

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by checking if the OpenClaw sandbox browser is running a noVNC observer session without requiring VNC password authentication. Specifically, you should verify if the x11vnc server is launched with the -nopw option, which disables password authentication.

Since the noVNC observer port is exposed only on the host loopback interface (127.0.0.1), you can check for listening ports on localhost that correspond to noVNC or x11vnc.

• Use netstat or ss to identify listening ports on localhost, for example: netstat -tuln | grep 127.0.0.1
• Check running processes for x11vnc instances and their command line arguments to see if -nopw is used: ps aux | grep x11vnc
• Attempt to connect to the noVNC port on localhost without credentials to see if authentication is required.

If the x11vnc server is running without password authentication (e.g., with -nopw), or if noVNC observer URLs do not require tokens or passwords, the system is vulnerable.

Useful 0 Not Useful 0

Mitigation Strategies

To mitigate this vulnerability immediately, upgrade OpenClaw to version 2026.2.21 or later, where the issue is fixed.

The fix enforces VNC password authentication for noVNC observer sessions by replacing the -nopw flag with -rfbauth in the sandbox browser entrypoint script.

Ensure that the sandbox browser container generates and uses a unique per-container noVNC password injected via the environment variable OPENCLAW_BROWSER_NOVNC_PASSWORD.

The system now emits short-lived noVNC observer token URLs instead of sharing raw passwords, enhancing security.

• Rebuild the sandbox browser image and recreate browser containers to apply the fix.
• Verify that noVNC observer ports are only published on the loopback interface (127.0.0.1) to minimize exposure.
• Audit sandbox browser containers to ensure they do not publish noVNC ports on non-loopback interfaces.

Useful 0 Not Useful 0