1-Click RCE to steal your Moltbot data and keys
3 days ago
- #AI
- #Vulnerability
- #Cybersecurity
- OpenClaw, an open-source AI personal assistant, is popular but found to have a critical vulnerability.
- A 1-Click Remote Code Execution (RCE) exploit was discovered, allowing attackers to take control via a malicious webpage.
- The vulnerability involves a logic flaw where the system accepts and persists a gatewayUrl from URL parameters without proper validation.
- Attackers can exploit this to steal authentication tokens and gain unauthorized access to personal data and system controls.
- Cross-Site WebSocket Hijacking (CSWSH) was used to bypass network restrictions and interact with localhost services.
- Safety features like exec-approvals.json can be disabled via API calls using stolen tokens, allowing unrestricted command execution.
- The OpenClaw team has patched the vulnerability in versions after v2026.1.24-1, advising users to upgrade and rotate tokens.
- depthfirst offers tools to detect such logic flaws early in the development process.