Listen to this Post
The vulnerability resides in the `ensureChromeExtensionRelayServer` function within OpenClaw versions from 2026.1.14-1 to before 2026.2.12 . The core issue is an improper network binding flaw where the software incorrectly treats wildcard IP addresses like `0.0.0.0` (IPv4) and `::` (IPv6) as safe loopback addresses . When a user configures a wildcard `cdpUrl` in the OpenClaw settings for the Chrome extension relay, this logic error causes the relay’s HTTP/WebSocket server to bind to all available network interfaces, not just the local loopback interface . This exposes the relay service to the local network. The fix, implemented in commit 8d75a49, removed `0.0.0.0` from the loopback check . Consequently, remote attackers on the same network can access the relay’s HTTP endpoints, leading to information disclosure of service presence and port numbers. They could also conduct denial-of-service attacks or brute-force attacks against the relay token header used for authentication .
Platform: NPM package
Version: 2026.1.14-1 to <2026.2.12
Vulnerability : Improper network binding
Severity: MEDIUM
date: 2026-03-05
Prediction: Patched 2026-02-13
What Undercode Say:
Analytics:
The vulnerability was published on 2026-02-17 and affects the `openclaw` npm package . The vulnerable code incorrectly treated the `0.0.0.0` host as a loopback address, causing the Chrome extension relay server to bind to all network interfaces when a wildcard `cdpUrl` was used . The issue was fixed in version 2026.2.12 by commit 8d75a49, which removed the wildcard from the loopback check . Prior hardening for related endpoints was implemented in commit `a1e89af` .
Exploit:
An attacker on the same network could scan for open ports (default 18792) used by the relay .
`nmap -p 18792 `
If accessible, they could attempt to access endpoints without authentication:
`curl http://
`curl http://
Successful access leaks service presence, version info, and WebSocket URLs for DevTools connections . They could also flood the endpoint with requests to cause a DoS or brute-force the `token` header used for authorization .
Protection from this CVE:
Update OpenClaw to version 2026.2.12 or later immediately .
`npm install -g openclaw@latest`
Ensure firewall rules block external access to the relay port (e.g., 18792) .
Do not configure a wildcard `cdpUrl` (e.g., "cdpUrl": "http://0.0.0.0:18792") in the OpenClaw configuration file (~/.openclaw/openclaw.json) .
Use SSH tunnels for secure remote access instead of binding to all interfaces .
`ssh -L 18792:127.0.0.1:18792 user@remote_server`
Impact:
A remote attacker on the same network can access the Chrome extension relay’s HTTP endpoints, leaking service presence and port information . This can enable further attacks such as denial-of-service against the relay service or brute-force attempts to guess the relay token header, potentially compromising browser control if weak tokens are used . The issue allows attackers to interact with services meant to be local-only, increasing the attack surface .
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: nvd.nist.gov
Extra Source Hub:
Undercode

