OpenClaw Improper Network Binding Vulnerability in Chrome Extension Relay Server
Vulnerability
A vulnerability exists in the OpenClaw Chrome extension relay server, specifically in versions 2026.1.14-1 prior to 2026.2.12. The issue arises from the relay server incorrectly interpreting wildcard hosts as loopback addresses, allowing the server to bind to all network interfaces when a wildcard cdpUrl is set. This misconfiguration can expose relay HTTP/WebSocket endpoints to remote attackers, potentially leading to unauthorized access, denial-of-service, or brute-force attacks against the relay token header.
Impact
Exploitation of this vulnerability could result in the relay server being accessible off-host, allowing remote attackers to leak service presence and port information, or to conduct denial-of-service and brute-force attacks against the relay token header.
Reproduction
1. Install and enable the OpenClaw Chrome extension.
2. Configure the extension to use a wildcard cdpUrl.
3. Start the Chrome extension relay server.
4. The relay server will bind to all interfaces, allowing remote access to the relay HTTP/WebSocket endpoints.
Remediation
Users can update to OpenClaw version 2026.2.12 or later, where this vulnerability has been patched.
