CVE-2026-29606
📋 TL;DR
OpenClaw versions before 2026.2.14 have a webhook signature verification bypass in the voice-call extension when tunnel.allowNgrokFreeTierLoopbackBypass is enabled. This allows unauthenticated attackers to send forged requests to public webhook endpoints without valid signatures, potentially causing unauthorized event handling and request flooding. Only affects OpenClaw installations with this specific configuration option explicitly enabled.
💻 Affected Systems
- OpenClaw
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers flood webhook endpoints with forged requests, causing service disruption, processing unauthorized voice-call events, and potentially enabling further attacks through manipulated webhook data.
Likely Case
Limited request flooding causing temporary service degradation and processing of some unauthorized webhook events, though impact depends on webhook functionality.
If Mitigated
Minimal impact if proper network controls and monitoring are in place, with only configuration-specific installations affected.
🎯 Exploit Status
Exploitation requires knowledge of the webhook endpoint URL and the specific configuration being enabled. No authentication needed for the bypass.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2026.2.14
Vendor Advisory: https://github.com/openclaw/openclaw/security/advisories/GHSA-c37p-4qqg-3p76
Restart Required: Yes
Instructions:
1. Update OpenClaw to version 2026.2.14 or later.
2. Restart the OpenClaw service.
3. Verify the update was successful by checking the version.
🔧 Temporary Workarounds
Disable vulnerable configuration
Set tunnel.allowNgrokFreeTierLoopbackBypass to false in the OpenClaw configuration:
- Edit the OpenClaw config file and set tunnel.allowNgrokFreeTierLoopbackBypass = false
- Restart the OpenClaw service
Network isolation
Restrict access to webhook endpoints using firewall rules:
- Configure the firewall to allow webhook traffic only from trusted sources (e.g., Twilio IP ranges)
🧯 If You Can't Patch
- Disable the tunnel.allowNgrokFreeTierLoopbackBypass configuration option immediately
- Implement strict network access controls to limit webhook endpoint exposure
🔍 How to Verify
Check if Vulnerable:
Check the OpenClaw version and configuration:
1. Run openclaw --version.
2. Check the config file for the tunnel.allowNgrokFreeTierLoopbackBypass setting.
Vulnerable if version < 2026.2.14 AND tunnel.allowNgrokFreeTierLoopbackBypass = true.
Check Version:
openclaw --version
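The two-part check above (version below 2026.2.14 and the bypass option set to true) can be scripted so it is applied consistently across hosts. The script below is an added example, not OpenClaw's own tooling. It assumes two things the page does not state: that openclaw --version prints a line containing a dotted calendar version such as 2026.2.3, and that the config file is JSON with nested keys, so the dotted option path corresponds to {"tunnel": {"allowNgrokFreeTierLoopbackBypass": true}}. Adjust lookup() if your config format differs.

```python
"""Added example (not OpenClaw's code): evaluate the advisory's vulnerable
condition, version < 2026.2.14 AND tunnel.allowNgrokFreeTierLoopbackBypass = true.

Assumptions (not stated in the advisory):
  * `openclaw --version` output contains a dotted numeric version string.
  * The config file is JSON with nested objects matching the dotted option path.
"""
import json
import re
import subprocess
from typing import Any

FIXED_VERSION = (2026, 2, 14)
OPTION_PATH = "tunnel.allowNgrokFreeTierLoopbackBypass"


def parse_version(text: str) -> tuple[int, ...]:
    """Extract the first dotted numeric version (e.g. '2026.2.3') from command output.

    A suffix such as '-beta' is ignored; a two-component version (2026.2)
    compares as earlier than 2026.2.14, which is the conservative reading."""
    match = re.search(r"\d+(?:\.\d+)+", text)
    if not match:
        raise ValueError(f"no version found in: {text!r}")
    return tuple(int(part) for part in match.group(0).split("."))


def lookup(config: dict, dotted: str) -> Any:
    """Walk a dotted key path through nested dicts; return None if any part is absent."""
    node: Any = config
    for part in dotted.split("."):
        if not isinstance(node, dict) or part not in node:
            return None
        node = node[part]
    return node


def is_vulnerable(version_output: str, config: dict) -> bool:
    """True only when BOTH conditions from the advisory hold.

    A missing option or an explicit false means the bypass path is not enabled,
    so the install is not affected even on an old version."""
    version = parse_version(version_output)
    value = lookup(config, OPTION_PATH)
    # Accept a JSON boolean or the string "true" in case the option was quoted.
    enabled = value is True or (isinstance(value, str) and value.lower() == "true")
    return version < FIXED_VERSION and enabled


def check_live(config_path: str) -> bool:
    """Run the real command and read the real config file on this host."""
    out = subprocess.run(
        ["openclaw", "--version"], capture_output=True, text=True, check=True
    ).stdout
    with open(config_path, encoding="utf-8") as fh:
        return is_vulnerable(out, json.load(fh))


if __name__ == "__main__":
    import sys
    print("vulnerable" if check_live(sys.argv[1]) else "not vulnerable")
```

Run it as `python check_openclaw.py /path/to/openclaw-config.json`; the exit message reflects only the condition the advisory names, so a host on a patched version with the option still set to true reports "not vulnerable" but should still have the option removed per the workaround above.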
Verify Fix Applied:
1. Confirm the version is 2026.2.14 or higher with openclaw --version.
2. Verify tunnel.allowNgrokFreeTriggerLoopbackBypass is either false or removed from the config.
3. Test that the webhook endpoint rejects requests without a valid X-Twilio-Signature header.
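Step 3 above tests the check that this CVE lets a request skip. To make clear what "valid X-Twilio-Signature" means when building that test, here is an added example of the verification a webhook handler should perform; it is not OpenClaw's code. The algorithm is Twilio's documented request-signing scheme: HMAC-SHA1, keyed with the account auth token, over the full request URL followed by the POST parameters sorted by key with each key concatenated to its value, base64-encoded. The token, URL and parameters below are constructed for the example.

```python
"""Added example (not OpenClaw's code): validate Twilio's X-Twilio-Signature
header the way a webhook endpoint must, rejecting both a missing header and a
mismatching one. Token, URL and parameters here are constructed values."""
import base64
import hashlib
import hmac


def twilio_signature(auth_token: str, url: str, params: dict[str, str]) -> str:
    """Compute the signature Twilio sends for a request.

    `url` must be the public URL exactly as Twilio requested it (scheme, host,
    port, path and query string). Behind a tunnel or reverse proxy the app may
    see a different loopback URL, so reconstruct the public one before signing.
    `params` are the POST form fields (empty for GET). Single-valued fields only."""
    payload = url + "".join(key + params[key] for key in sorted(params))
    digest = hmac.new(auth_token.encode("utf-8"), payload.encode("utf-8"), hashlib.sha1).digest()
    return base64.b64encode(digest).decode("ascii")


def verify_webhook(auth_token: str, url: str, params: dict[str, str], headers: dict[str, str]) -> bool:
    """Return True only for a present AND matching signature.

    An absent header is rejected outright; this is the check a bypass option
    would short-circuit, and it is what the 'rejects requests without a valid
    X-Twilio-Signature header' test in step 3 exercises."""
    provided = headers.get("X-Twilio-Signature")
    if not provided:
        return False
    expected = twilio_signature(auth_token, url, params)
    # Constant-time comparison so the check leaks nothing about the expected value.
    return hmac.compare_digest(provided, expected)


# Constructed sample request for a stand-alone run.
SAMPLE_TOKEN = "CONSTRUCTED_AUTH_TOKEN"
SAMPLE_URL = "https://example.invalid/webhooks/voice?tenant=demo"
SAMPLE_PARAMS = {"CallSid": "CAconstructed0001", "From": "+15550100", "To": "+15550199"}

if __name__ == "__main__":
    good = {"X-Twilio-Signature": twilio_signature(SAMPLE_TOKEN, SAMPLE_URL, SAMPLE_PARAMS)}
    print("signed request accepted:", verify_webhook(SAMPLE_TOKEN, SAMPLE_URL, SAMPLE_PARAMS, good))
    print("unsigned request accepted:", verify_webhook(SAMPLE_TOKEN, SAMPLE_URL, SAMPLE_PARAMS, {}))
```

For the step-3 test itself, send a POST to the public webhook URL with no X-Twilio-Signature header and confirm the endpoint returns an error status rather than processing the event; then repeat with a header computed by twilio_signature() over the same URL and body to confirm legitimate traffic still passes. The URL detail matters in the tunnel setup this CVE concerns: a signature is only reproducible if the verifier uses the same public URL Twilio signed, not the loopback address the tunnel forwards to.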
📡 Detection & Monitoring
Log Indicators:
- Webhook requests without X-Twilio-Signature header being processed
- Unusual spike in webhook requests from unexpected sources
- Voice-call extension processing requests from unverified sources
Network Indicators:
- HTTP requests to webhook endpoints missing X-Twilio-Signature header
- Unusual traffic patterns to OpenClaw webhook endpoints
SIEM Query:
source="openclaw.log" AND (("webhook" AND NOT "X-Twilio-Signature") OR ("voice-call" AND "unverified"))
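The two log indicators that can be checked mechanically, webhook requests processed without an X-Twilio-Signature header and a spike in requests from one source, are implemented below over a small constructed log. This is an added example, not an OpenClaw detection rule: it assumes a JSON-lines access log with ts, src_ip, method, path and headers fields, and a webhook path prefix of /webhooks/; both the log format and the prefix are assumptions, so map them to whatever your deployment actually writes. The IP addresses come from the documentation ranges and are not real Twilio addresses.

```python
"""Added example (not OpenClaw's code): flag webhook requests lacking the
X-Twilio-Signature header and per-source request bursts, over a constructed
JSON-lines access log. Log format, field names and the /webhooks/ prefix are
assumptions, not taken from OpenClaw."""
import json
from collections import defaultdict
from datetime import datetime, timedelta

WEBHOOK_PREFIX = "/webhooks/"        # assumed path prefix for voice-call webhooks
SIG_HEADER = "x-twilio-signature"    # compared case-insensitively
BURST_THRESHOLD = 5                  # requests from one source ...
BURST_WINDOW = timedelta(seconds=10) # ... within this sliding window

# Constructed sample log: three signed requests from a trusted source, six
# unsigned requests in six seconds from another source, and one health check.
SAMPLE_LOG = """\
{"ts": "2026-03-01T10:00:00+00:00", "src_ip": "203.0.113.10", "method": "POST", "path": "/webhooks/voice", "headers": {"X-Twilio-Signature": "c2lnMQ=="}}
{"ts": "2026-03-01T10:00:05+00:00", "src_ip": "203.0.113.10", "method": "POST", "path": "/webhooks/voice", "headers": {"X-Twilio-Signature": "c2lnMg=="}}
{"ts": "2026-03-01T10:00:09+00:00", "src_ip": "203.0.113.10", "method": "POST", "path": "/webhooks/status", "headers": {"x-twilio-signature": "c2lnMw=="}}
{"ts": "2026-03-01T10:01:00+00:00", "src_ip": "198.51.100.7", "method": "POST", "path": "/webhooks/voice", "headers": {}}
{"ts": "2026-03-01T10:01:01+00:00", "src_ip": "198.51.100.7", "method": "POST", "path": "/webhooks/voice", "headers": {}}
{"ts": "2026-03-01T10:01:02+00:00", "src_ip": "198.51.100.7", "method": "POST", "path": "/webhooks/voice", "headers": {}}
{"ts": "2026-03-01T10:01:03+00:00", "src_ip": "198.51.100.7", "method": "POST", "path": "/webhooks/voice", "headers": {}}
{"ts": "2026-03-01T10:01:04+00:00", "src_ip": "198.51.100.7", "method": "POST", "path": "/webhooks/voice", "headers": {}}
{"ts": "2026-03-01T10:01:06+00:00", "src_ip": "198.51.100.7", "method": "POST", "path": "/webhooks/voice", "headers": {}}
{"ts": "2026-03-01T10:02:00+00:00", "src_ip": "192.0.2.5", "method": "GET", "path": "/healthz", "headers": {}}
"""


def load_events(text: str) -> list[dict]:
    """Parse JSON lines, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def missing_signature(events: list[dict]) -> list[dict]:
    """Webhook-path requests whose headers contain no X-Twilio-Signature (any case).

    Under the fixed verification these should never reach the handler; seeing
    them processed is the first log indicator listed above."""
    return [
        e for e in events
        if e["path"].startswith(WEBHOOK_PREFIX)
        and SIG_HEADER not in {name.lower() for name in e["headers"]}
    ]


def bursts(events: list[dict]) -> dict[str, int]:
    """Per-source sliding window over webhook requests.

    Returns {src_ip: peak count} for sources that reached BURST_THRESHOLD
    requests inside BURST_WINDOW, the 'unusual spike' indicator."""
    by_src: dict[str, list[datetime]] = defaultdict(list)
    for e in events:
        if e["path"].startswith(WEBHOOK_PREFIX):
            by_src[e["src_ip"]].append(datetime.fromisoformat(e["ts"]))
    flagged: dict[str, int] = {}
    for ip, times in by_src.items():
        times.sort()
        start = 0
        for end, t in enumerate(times):
            while t - times[start] > BURST_WINDOW:   # drop events older than the window
                start += 1
            count = end - start + 1
            if count >= BURST_THRESHOLD:
                flagged[ip] = max(flagged.get(ip, 0), count)
    return flagged


if __name__ == "__main__":
    evts = load_events(SAMPLE_LOG)
    for e in missing_signature(evts):
        print("unsigned webhook request:", e["ts"], e["src_ip"], e["path"])
    for ip, peak in bursts(evts).items():
        print(f"burst: {ip} reached {peak} webhook requests within {BURST_WINDOW}")
```

Tune BURST_THRESHOLD and BURST_WINDOW to the call volume you actually see; the unsigned-request check needs no tuning, because on a fixed install the count should be zero. If your proxy strips or renames headers before logging, the first check will produce false positives for every request, which is itself worth knowing before relying on the SIEM query above.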