OpenClaw Authentication Bypass Vulnerability in Sandbox Browser Bridge Server
Vulnerability
A vulnerability exists in OpenClaw versions 2026.1.29-beta.1 prior to 2026.2.14, allowing local attackers to bypass authentication on the sandbox browser bridge server. This server, which operates on a loopback TCP port, controls browser endpoints such as profiles and tabs. The lack of authentication enables attackers to access these endpoints and manipulate browser sessions. Exploitation allows for the enumeration of tabs, retrieval of WebSocket URLs, execution of JavaScript in page contexts, and exfiltration of cookies and session data from authenticated browser sessions.
Impact
Exploitation of this vulnerability could lead to a complete compromise of browser sessions in the sandboxed environment, allowing access to sensitive data and control over browser actions.
Reproduction
To reproduce this vulnerability, start OpenClaw with the sandboxed browser feature enabled. Once the application is running, initiate the sandbox browser bridge server, which will expose browser control endpoints on a loopback HTTP bridge. Without the proper authentication in place, local processes can send requests to this bridge and access the exposed endpoints. This can be done manually or through a script that targets the bridge server without including the required authentication headers.
Remediation
Users are advised to upgrade to OpenClaw version 2026.2.14 or later, where this vulnerability has been patched. Alternatively, the sandboxed browser feature can be disabled.
