
CVE-2026-28472: Authentication Bypass in OpenClaw Gateway

Platform

nodejs

Component

openclaw

Fixed in

2026.2.2

CVE-2026-28472 describes an authentication bypass vulnerability in the OpenClaw gateway WebSocket connection handler. This flaw allows attackers to bypass device identity checks, potentially enabling unauthorized connections and access to protected resources. The vulnerability affects versions prior to 2026.2.2 and has been fixed in that release. Promptly upgrading is recommended to mitigate this critical risk.

Impact and Attack Scenarios

The impact of CVE-2026-28472 is severe. An attacker can exploit this vulnerability to connect to the OpenClaw gateway without providing valid device authentication credentials. This unauthorized access could lead to a range of malicious activities, including data exfiltration, command execution within the gateway environment, and lateral movement to other systems connected to the gateway. The ability to bypass authentication effectively grants an attacker a foothold within the protected network, potentially compromising the entire system. This bypass is achieved by exploiting a flaw in the connect handshake where the presence of an auth.token is checked before validation of the shared secret, allowing a malicious client to masquerade as a legitimate device.

Exploitation Context

CVE-2026-28472 was published on 2026-02-17. Its severity is rated CRITICAL (9.8). There is currently no indication of this vulnerability being actively exploited in the wild, nor is it listed on KEV or EPSS. Public proof-of-concept (POC) code is not yet available, but the vulnerability's ease of exploitation suggests it could become a target for opportunistic attackers.

Threat Intelligence

Exploit Status

Proof of Concept: Unknown
CISA KEV: No
Internet Exposure: High

EPSS

0.05% (17th percentile)

CVSS Vector

CVSS 3.1 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base score: 9.8 (CRITICAL)
Attack Vector: Network (how the attacker reaches the target)
Attack Complexity: Low (conditions required to exploit)
Privileges Required: None (authentication level needed to attack)
User Interaction: None (whether a victim must take action)
Scope: Unchanged (impact beyond the vulnerable component)
Confidentiality: High (risk of sensitive data exposure)
Integrity: High (risk of unauthorized data modification)
Availability: High (risk of service disruption)
Source: nextguardhq.com, CVSS v3.1 Base Score
What do these metrics mean?
Attack Vector
Network — remotely exploitable over the internet. No physical or local access required. Widest attack surface.
Attack Complexity
Low — no special conditions required. Attacker can exploit reliably without depending on rare configurations or timing.
Privileges Required
None — unauthenticated. No login or credentials needed to exploit.
User Interaction
None — attack is automatic and silent. Victim does nothing: no click, no file open.
Scope
Unchanged — impact is limited to the vulnerable component itself.
Confidentiality
High — complete confidentiality loss. Attacker can read all data: credentials, keys, personal data.
Integrity
High — attacker can write, modify, or delete any data: databases, config files, or code.
Availability
High — complete crash or resource exhaustion. Full denial of service.

Weakness Classification (CWE)

Timeline

  1. Published
  2. Modified
  3. EPSS updated

Mitigation and Workarounds

The primary mitigation for CVE-2026-28472 is to upgrade OpenClaw to version 2026.2.2 or later. If an immediate upgrade is not feasible due to compatibility concerns or system downtime requirements, consider implementing temporary workarounds. While no direct WAF rules can prevent this, strict network segmentation limiting access to the gateway WebSocket endpoint can reduce the attack surface. Carefully review and restrict access to the gateway based on IP address or other network-based controls. After upgrading, verify the fix by attempting a WebSocket connection without providing a valid shared secret; the connection should be rejected.

How to fix

Upgrade OpenClaw to version 2026.2.2 or later. This release fixes the vulnerability that allows the device identity check to be bypassed during the gateway's WebSocket connection handshake.

Frequently asked questions

What is CVE-2026-28472 — Authentication Bypass in OpenClaw Gateway?

CVE-2026-28472 is a CRITICAL vulnerability in OpenClaw gateways that allows attackers to bypass device identity checks during WebSocket connections, potentially gaining unauthorized access.

Am I affected by CVE-2026-28472 in OpenClaw Gateway?

If you are running OpenClaw versions prior to 2026.2.2 and expose your gateway WebSocket to untrusted networks, you are likely affected by this vulnerability.

How do I fix CVE-2026-28472 in OpenClaw Gateway?

Upgrade OpenClaw to version 2026.2.2 or later to remediate the vulnerability. If immediate upgrade is not possible, implement network segmentation and access restrictions as temporary workarounds.

Is CVE-2026-28472 being actively exploited?

Currently, there is no public evidence of CVE-2026-28472 being actively exploited, but its ease of exploitation suggests it could become a target.

Where can I find the official OpenClaw advisory for CVE-2026-28472?

Refer to the official OpenClaw security advisory for detailed information and updates regarding CVE-2026-28472: [https://www.openclaw.com/security/advisories](https://www.openclaw.com/security/advisories)
