PT-2026-25513 · Npm · Openclaw
Published 2026-03-04 · Updated 2026-03-04
CVSS v3.1: 5.3 (Medium)
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Summary
isPrivateIpv4() in bundled SSRF guard code missed several IPv4 special-use/non-global ranges, so web fetch could allow targets that should be blocked by SSRF policy.
Affected Packages / Versions
- Package: openclaw (npm)
- Latest published affected version: 2026.2.21-2 (published 2026-02-21)
- Structured vulnerable range: <= 2026.2.21-2
- Planned patched version (pre-set): >= 2026.2.22
Impact
Low severity. Exploitation requires network reachability to the relevant special-use ranges and a request path that reaches web fetch URL fetching.
Technical Details
Affected releases used narrow IPv4 private-range checks that omitted multiple RFC special-use/non-global ranges. This allowed requests such as http://198.18.0.1/... through SSRF validation in affected releases. Follow-up hardening consolidates local-host/tailnet range checks so gateway/browser/tailnet paths share one canonical IP classification flow.
Fix Commit(s)
71bd15bb4294d3d1b54386064d69cd0f5f731bd8
44dfbd23df453e51b71ef79a148c28c53e89168c
333fbb86347998526dd514290adfd5f727caa6d9
f14ebd743cfc73f667fae80af70043d0ab1f88bd
OpenClaw thanks @princeeismond-dot for reporting.
Fix
SSRF
Weakness Enumeration
Related identifiers
Affected products
Openclaw