OpenClaw Server-Side Request Forgery Vulnerability in Browser CDP Profile Creation
Vulnerability
A server-side request forgery (SSRF) vulnerability has been identified in OpenClaw versions prior to 2026.4.20. This vulnerability arises during the creation of browser Chrome DevTools Protocol (CDP) profiles, where strict-mode SSRF policy checks are bypassed. As a result, attackers can create stored profiles that point to private-network or metadata endpoints, circumventing security policies. These endpoints can be accessed later during regular profile status operations, potentially leading to unauthorized data exposure or manipulation.
Impact
Exploitation of this vulnerability allows for server-side request forgery, where an attacker can manipulate requests to internal services or metadata endpoints, bypassing security controls and potentially accessing sensitive information.
Reproduction
To reproduce this vulnerability, create a browser CDP profile in an OpenClaw version prior to 2026.4.20. During profile creation the strict-mode SSRF policy checks are not applied, so the profile can be saved with a private-network or metadata endpoint. Once the profile is saved, the vulnerability can be observed by probing the profile status, which triggers requests to the stored endpoint and bypasses the security measures that should have been in place.
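The defect described in the Vulnerability and Reproduction sections is a policy check that runs at one point in a profile's lifecycle but not another. The following is an added illustration and not OpenClaw's code (the project's real data structures, function names and the exact form of its strict-mode policy are not shown on this page): a strict-mode SSRF policy is enforced both when a CDP profile is created and again when its status is probed, so a stored endpoint can never be used to reach loopback, private-network, link-local (including the cloud metadata address) or otherwise non-public addresses. The resolver is injectable so the example runs offline on constructed DNS answers.

```python
"""Hardened handling of stored browser CDP endpoints (added example, not
OpenClaw's own code). Names, structure and the deny-list are assumptions
made for illustration."""
import ipaddress
import socket
from typing import Callable, Dict, List, Optional
from urllib.parse import urlparse

# Constructed hostname deny-list; the address-range checks below do the rest.
BLOCKED_HOSTNAMES = {"localhost", "metadata.google.internal"}
ALLOWED_SCHEMES = {"http", "https", "ws", "wss"}

# A resolver maps a hostname to every address it answers with.
Resolver = Callable[[str], List[str]]


def _system_resolve(host: str) -> List[str]:
    """Default resolver using the OS stack (IPv4 and IPv6 answers)."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def is_disallowed_address(ip: str) -> bool:
    """True for loopback, RFC 1918 / ULA, link-local (169.254.0.0/16 contains
    the usual cloud metadata address), reserved, multicast, unspecified and
    any other non-global address."""
    addr = ipaddress.ip_address(ip)
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped  # ::ffff:10.0.0.5 must be judged as 10.0.0.5
    return (addr.is_loopback or addr.is_private or addr.is_link_local
            or addr.is_reserved or addr.is_multicast or addr.is_unspecified
            or not addr.is_global)


def enforce_ssrf_policy(url: str, resolve: Resolver = _system_resolve) -> List[str]:
    """Strict-mode check. Returns the addresses the URL points at, or raises
    ValueError. Every resolved address must pass, not just the first one."""
    parts = urlparse(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    host = parts.hostname  # urlparse strips IPv6 brackets for us
    if not host:
        raise ValueError("missing host")
    host = host.lower().rstrip(".")
    if host in BLOCKED_HOSTNAMES:
        raise ValueError(f"blocked hostname: {host}")
    try:
        addresses = [str(ipaddress.ip_address(host))]  # IP literal
    except ValueError:
        addresses = resolve(host)                      # hostname
    if not addresses:
        raise ValueError(f"no addresses for {host}")
    for ip in addresses:
        if is_disallowed_address(ip):
            raise ValueError(f"{host} resolves to disallowed address {ip}")
    return addresses


class CdpProfileStore:
    """Stores CDP profiles. The vulnerable pattern skips the policy at
    creation and relies on later checks; here both operations enforce it."""

    def __init__(self, resolve: Resolver = _system_resolve,
                 probe: Optional[Callable[[str], str]] = None) -> None:
        self._resolve = resolve
        self._probe = probe or (lambda url: "unreachable")  # real code would connect
        self._profiles: Dict[str, str] = {}

    def create_profile(self, name: str, cdp_url: str) -> List[str]:
        addresses = enforce_ssrf_policy(cdp_url, self._resolve)  # checked at creation
        self._profiles[name] = cdp_url
        return addresses

    def profile_status(self, name: str) -> Dict[str, str]:
        """Re-check at use time: the stored URL may pre-date the policy, or
        its DNS answer may have changed since creation."""
        url = self._profiles[name]
        try:
            enforce_ssrf_policy(url, self._resolve)
        except ValueError as exc:
            return {"name": name, "status": "blocked", "detail": str(exc)}
        return {"name": name, "status": self._probe(url), "detail": ""}


# Constructed DNS answers so the example runs offline.
FAKE_DNS = {"cdp.example.com": ["8.8.8.8"],
            "mixed.example": ["8.8.8.8", "10.0.0.5"]}


def fake_resolve(host: str) -> List[str]:
    return FAKE_DNS.get(host, [])


def policy_decisions(urls: List[str]) -> Dict[str, str]:
    """Runs the policy over candidate endpoints and reports each decision."""
    out: Dict[str, str] = {}
    for url in urls:
        try:
            enforce_ssrf_policy(url, fake_resolve)
            out[url] = "allowed"
        except ValueError:
            out[url] = "rejected"
    return out


def rebinding_demo() -> tuple:
    """Constructed scenario: public at creation, private by the time the
    status probe runs. The second check catches it."""
    answers = {"cdp.example.com": ["8.8.8.8"]}
    store = CdpProfileStore(resolve=lambda h: answers.get(h, []),
                            probe=lambda url: "connected")
    store.create_profile("p", "ws://cdp.example.com:9222/devtools/browser")
    first = store.profile_status("p")["status"]
    answers["cdp.example.com"] = ["10.0.0.5"]
    second = store.profile_status("p")["status"]
    return first, second
```

Checking at creation and again before each status probe closes the gap the advisory describes, but a window remains between the resolve in `enforce_ssrf_policy` and the actual connection; a complete fix also pins the connection to the addresses that passed the check rather than letting the client resolve the name a second time.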
Remediation
Users can update to OpenClaw version 2026.4.20 or later, where this vulnerability has been patched.
