CVE-2026-62201
Received Received - Intake

Network Policy Bypass in OpenClaw Sandbox Exec-Server

Vulnerability report for CVE-2026-62201, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-17

Last updated on: 2026-07-17

Assigner: VulnCheck

Description

OpenClaw versions before 2026.6.6 contain a network policy bypass vulnerability in the sandbox exec-server that allows lower-trust callers to reach internal network destinations blocked by OpenClaw policy. Attackers can send HTTP requests through the exec-server to access network resources that should have been restricted by configured policies.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-17
Last Modified
2026-07-17
Generated
2026-07-17
AI Q&A
2026-07-17
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw to 2026.6.6 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

OpenClaw versions before 2026.6.6 have a network policy bypass vulnerability in the sandbox exec-server. This allows lower-trust callers to send HTTP requests through the exec-server to access internal network destinations that should have been blocked by OpenClaw's configured policies.

Detection Guidance

To detect this vulnerability, monitor network traffic for unauthorized HTTP requests originating from the OpenClaw exec-server. Check logs for requests to internal network destinations that should be blocked by policy. Verify if lower-trust callers can access the exec-server feature.

Impact Analysis

Attackers could exploit this to reach restricted internal network resources, potentially accessing sensitive data or systems. The impact depends on configuration and whether lower-trust input can access the affected exec-server path. The vulnerability is classified as SSRF with a CVSS score of 7.7 (High).

Compliance Impact

This vulnerability could potentially violate compliance with GDPR and HIPAA by allowing unauthorized access to internal network resources. GDPR requires strict data access controls and breach notifications, while HIPAA mandates safeguards for protected health information. A network policy bypass could lead to unauthorized data exposure, triggering compliance violations if sensitive data is accessed or exfiltrated.

Mitigation Strategies

Upgrade OpenClaw to version 2026.6.6 or later. Restrict exec-server access to trusted operators only. Disable the exec-server feature if not required. Implement stricter allowlists and avoid shared Gateways for untrusted users.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-62201. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart