CVE-2026-44117
OpenClaw SSRF Bypass via Direct Media Upload
Publication date: 2026-05-06
Last updated on: 2026-05-07
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openclaw | openclaw | to 2026.4.20 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-918 | The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
The vulnerability allows attackers to bypass SSRF protections and potentially make the server send requests to unintended locations. This can lead to unauthorized access to internal systems or services, data exposure, or other malicious activities depending on the server's network environment and what resources are accessible.
Can you explain this vulnerability to me?
This vulnerability is a server-side request forgery (SSRF) issue found in OpenClaw versions before 2026.4.20. It occurs in the QQBot direct media upload feature, where URL validation is skipped. Attackers can exploit this by sending specially crafted image URLs to the uploadC2CMedia and uploadGroupMedia endpoints, causing the server to make unintended requests on their behalf.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify any direct impact of the CVE-2026-44117 vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves the QQBot direct media upload feature in OpenClaw versions before 2026.4.20, where specially crafted image URLs sent to the uploadC2CMedia and uploadGroupMedia endpoints bypass SSRF protections.
To detect exploitation attempts on your network or system, you can monitor HTTP requests targeting these endpoints for unusual or suspicious image URLs, especially those that attempt to access internal or private network addresses.
Suggested commands include using network traffic inspection tools or web server logs to filter requests to the endpoints:
- Using grep on server logs to find requests to uploadC2CMedia or uploadGroupMedia endpoints: grep -iE 'uploadC2CMedia|uploadGroupMedia' /path/to/access.log
- Using tcpdump or tshark to capture HTTP traffic and filter for suspicious URLs: tcpdump -i any -A -s 0 'tcp port 80 or tcp port 443' | grep -iE 'uploadC2CMedia|uploadGroupMedia'
- Using curl or similar tools to test the endpoints manually by sending crafted URLs and observing responses (for authorized testing only).
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation step is to update OpenClaw to version 2026.4.20 or later, where the vulnerability has been fixed by adding strict URL validation to the QQBot direct media upload feature.
If immediate updating is not possible, consider restricting access to the uploadC2CMedia and uploadGroupMedia endpoints to trusted users or networks only, and monitor for suspicious activity targeting these endpoints.
Additionally, review and apply any available patches or security configurations that enforce HTTPS usage and block requests to private or internal hosts.