CVE-2026-28472
📋 TL;DR
OpenClaw versions before 2026.2.2 have an authentication bypass vulnerability in the WebSocket gateway connection handshake. Attackers can connect without proper device identity validation when an auth.token is present but not properly checked, potentially gaining operator access. This affects all deployments using vulnerable OpenClaw gateway software.
💻 Affected Systems
- OpenClaw
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers gain full operator access to the gateway, allowing them to control connected devices, intercept communications, and potentially pivot to other systems.
Likely Case
Unauthorized access to the gateway leading to data exfiltration, device manipulation, and privilege escalation within the OpenClaw ecosystem.
If Mitigated
Limited impact with proper network segmentation and additional authentication layers, though the core vulnerability remains.
🎯 Exploit Status
The vulnerability requires only WebSocket access and a malformed auth.token to exploit.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2026.2.2
Vendor Advisory: https://github.com/openclaw/openclaw/security/advisories/GHSA-rv39-79c4-7459
Restart Required: Yes
Instructions:
1. Download OpenClaw version 2026.2.2 or later from the official repository.
2. Stop the OpenClaw gateway service.
3. Replace the existing installation with the patched version.
4. Restart the OpenClaw gateway service.
🔧 Temporary Workarounds
Network Access Restriction
Linux: Restrict WebSocket gateway access to trusted networks only
iptables -A INPUT -p tcp --dport [WEBSOCKET_PORT] -s [TRUSTED_NETWORK] -j ACCEPT
iptables -A INPUT -p tcp --dport [WEBSOCKET_PORT] -j DROP
WebSocket Proxy with Authentication
All platforms: Place a reverse proxy with strong authentication in front of the OpenClaw gateway
🧯 If You Can't Patch
- Implement strict network segmentation to isolate OpenClaw gateway from untrusted networks
- Deploy a Web Application Firewall (WAF) with WebSocket protection rules in front of the gateway
🔍 How to Verify
Check if Vulnerable:
Check the OpenClaw version: if it is lower than 2026.2.2, the system is vulnerable
Check Version:
openclaw --version
Verify Fix Applied:
Verify that the OpenClaw version is 2026.2.2 or higher, and test that WebSocket connections presenting a malformed auth.token are rejected
📡 Detection & Monitoring
Log Indicators:
- WebSocket connection attempts with auth.token present but no device identity
- Successful gateway connections without proper device pairing logs
- Multiple failed authentication attempts followed by successful connection
Network Indicators:
- WebSocket traffic to gateway port without preceding device pairing handshake
- Unusual WebSocket connection patterns from unexpected sources
SIEM Query:
source="openclaw.log" AND ("websocket" AND "connect" AND NOT "device_identity")
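The first log indicator above (a handshake accepted with an auth.token present but no validated device identity) can be checked offline over exported gateway logs. The following is an added example, not code from the advisory or the OpenClaw project; it assumes a hypothetical JSON-lines log with the field names shown (ts, src, event, auth_token, device_id, device_validated, result), and the sample lines are constructed.

```python
"""Flag gateway handshakes that were accepted without a validated device identity.

Added example, not from the advisory or the OpenClaw project. The JSON field
names below are hypothetical; map them onto the real gateway log format first.
"""
import json
from typing import Iterable, List, Tuple

# Constructed sample log lines (hypothetical format, not real OpenClaw output).
SAMPLE_LOG = """\
{"ts":"2026-02-01T10:00:01Z","event":"ws.connect","src":"10.0.0.5","auth_token":true,"device_id":"dev-1","device_validated":true,"result":"accepted"}
{"ts":"2026-02-01T10:00:07Z","event":"ws.connect","src":"203.0.113.9","auth_token":true,"device_id":null,"device_validated":false,"result":"accepted"}
{"ts":"2026-02-01T10:00:09Z","event":"ws.connect","src":"203.0.113.9","auth_token":false,"device_id":null,"device_validated":false,"result":"rejected"}
{"ts":"2026-02-01T10:00:12Z","event":"ws.connect","src":"10.0.0.6","auth_token":true,"device_id":"dev-2","device_validated":false,"result":"accepted"}
{"ts":"2026-02-01T10:00:15Z","event":"ws.message","src":"10.0.0.5","bytes":120}
"""


def is_suspicious(rec: dict) -> bool:
    """True for an accepted handshake whose device identity was absent or never validated."""
    if rec.get("event") != "ws.connect" or rec.get("result") != "accepted":
        return False
    # Bypass pattern from the advisory: a token was presented, but identity was not checked.
    return bool(rec.get("auth_token")) and (
        not rec.get("device_id") or not rec.get("device_validated")
    )


def scan(lines: Iterable[str]) -> List[Tuple[str, str, object]]:
    """Return (timestamp, source, device_id) for every suspicious handshake."""
    hits = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip unparsable lines instead of aborting the whole scan
        if is_suspicious(rec):
            hits.append((rec.get("ts"), rec.get("src"), rec.get("device_id")))
    return hits


if __name__ == "__main__":
    for ts, src, dev in scan(SAMPLE_LOG.splitlines()):
        print(f"{ts} {src}: accepted without validated device identity (device_id={dev})")
```

Run it against an exported log file by passing its lines to scan(); every hit is a connection worth correlating with the device pairing records for that source.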