Skip to main content

Openclaw CVE-2026-32019

LOW
Server-Side Request Forgery (SSRF) (CWE-918)
2026-03-19 disclosure@vulncheck.com GHSA-4rqq-w8v4-7p47
2.3
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.3 LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

3
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
Analysis Generated
Mar 19, 2026 - 22:30 vuln.today
CVE Published
Mar 19, 2026 - 22:16 nvd
LOW 2.3

DescriptionCVE.org

OpenClaw versions prior to 2026.2.22 contain incomplete IPv4 special-use range validation in the isPrivateIpv4() function, allowing requests to RFC-reserved ranges to bypass SSRF policy checks. Attackers with network reachability to special-use IPv4 ranges can exploit web_fetch functionality to access blocked addresses such as 198.18.0.0/15 and other non-global ranges.

AnalysisAI

OpenClaw versions prior to 2026.2.22 contain incomplete validation of IPv4 special-use ranges in the isPrivateIpv4() function, allowing attackers to bypass Server-Side Request Forgery (SSRF) policy checks and access RFC-reserved address ranges that should be blocked. An authenticated attacker with network reachability to special-use IPv4 ranges such as 198.18.0.0/15 can exploit the web_fetch functionality to access blocked internal addresses, resulting in information disclosure and potential lateral movement. The vulnerability has been patched and security advisories are available from the OpenClaw project.

Technical ContextAI

This vulnerability affects OpenClaw's SSRF mitigation layer, specifically the isPrivateIpv4() function which is responsible for validating whether IP addresses fall within RFC-designated special-use ranges that should not be accessible via web requests. The root cause is classified under CWE-918 (Server-Side Request Forgery), which occurs when an application fails to properly validate and restrict user-controllable URLs before making network requests. OpenClaw's incomplete range validation means that certain RFC-reserved IPv4 blocks including 198.18.0.0/15 (TEST-NET-2) and other non-globally-routable ranges are not properly identified as restricted, allowing them to pass through SSRF guards. The web_fetch functionality then proceeds to make requests to these supposedly-protected ranges, enabling unauthorized access to internal network resources. The fix requires comprehensive enumeration of all IPv4 special-use ranges as defined in RFC 5735 and RFC 6598.

RemediationAI

Upgrade OpenClaw to version 2026.2.22 or later immediately, as multiple patch commits have been merged to address the isPrivateIpv4() validation gaps. Consult the official GitHub security advisory at https://github.com/openclaw/openclaw/security/advisories/GHSA-4rqq-w8v4-7p47 for detailed upgrade instructions and confirmation of patches in your release branch. As a temporary mitigation while patching is in progress, restrict network egress from OpenClaw instances to explicitly allow only necessary external destinations, implement IP filtering at the network perimeter to block requests destined for RFC-reserved ranges (198.18.0.0/15, 169.254.0.0/16, 127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, and others), and consider disabling the web_fetch functionality entirely if not essential for operations. Additionally, audit access logs to identify any exploitation attempts against special-use ranges.

CVE-2026-28446 CRITICAL POC
9.4 Mar 05

Auth bypass in OpenClaw voice-call extension before 2026.2.1. EPSS 0.68%. PoC and patch available.

CVE-2026-33579 CRITICAL POC
9.4 Mar 31

Privilege escalation in OpenClaw (pre-2026.3.28) allows unauthenticated remote attackers to gain administrative access b

CVE-2026-32042 HIGH POC
8.8 Mar 21

OpenClaw versions 2026.2.22 through 2026.2.24 contain a privilege escalation vulnerability that allows authenticated att

CVE-2026-32051 HIGH POC
8.8 Mar 21

An authorization mismatch vulnerability in OpenClaw versions prior to 2026.3.1 allows authenticated users with operator.

CVE-2026-25253 HIGH POC
8.8 Feb 01

OpenClaw versions prior to 2026.1.29 automatically establish WebSocket connections to attacker-controlled gateway URLs e

CVE-2026-32846 HIGH POC
8.7 Mar 26

Path traversal in OpenClaw through version 2026.3.23 enables unauthenticated remote attackers to read arbitrary files in

CVE-2026-32064 HIGH POC
7.7 Mar 21

OpenClaw sandbox browser functionality launches x11vnc for noVNC observer sessions without requiring authentication, all

CVE-2026-32055 HIGH POC
7.6 Mar 21

OpenClaw versions before 2026.2.26 allow authenticated attackers to write arbitrary files outside the workspace director

CVE-2026-32056 HIGH POC
7.5 Mar 21

OpenClaw versions prior to 2026.2.22 contain a shell environment variable injection vulnerability in the system.run func

CVE-2026-32049 HIGH POC
7.5 Mar 21

OpenClaw versions prior to 2026.2.22 contain a resource exhaustion vulnerability where the application fails to consiste

CVE-2026-32048 HIGH POC
7.5 Mar 21

OpenClaw versions prior to 2026.3.1 contain a sandbox escape vulnerability that allows authenticated attackers with low

CVE-2026-25474 HIGH POC
7.5 Feb 19

OpenClaw versions 2026.1.30 and below fail to validate Telegram webhook secret tokens when `channels.telegram.webhookSec

Share

CVE-2026-32019 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy