10 matches found
CVE-2026-22174
OpenClaw versions prior to 2026.2.22 inject the x-OpenClaw-relay-token header into Chrome CDP probe traffic on loopback interfaces, allowing local processes to capture the Gateway authentication token. An attacker controlling a loopback port can intercept CDP reachability probes to the...
EUVD-2026-12716
OpenClaw versions prior to 2026.2.22 inject the x-OpenClaw-relay-token header into Chrome CDP probe traffic on loopback interfaces, allowing local processes to capture the Gateway authentication token. An attacker controlling a loopback port can intercept CDP reachability probes to the...
PT-2026-26006
Summary A local process can capture the OpenClaw Gateway auth token from Chrome CDP probe traffic on loopback. Details Affected versions inject x-openclaw-relay-token for loopback CDP URLs, and CDP reachability probes send that header to /json/version. If an attacker controls the probed loopback...
PT-2025-52918
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel where BPF test infrastructure could emit invalid GSO types to the stack. This issue stemmed from a fuzzer tool triggering a warning in netif skb feature...
Configure the iptables Policies for Loopback Properly
The loopback address 127.0.0.0/8 is a special address on a server. It is irrelevant to NICs and is mainly used for the inter-process communication of a local device. Packets with the source address 127.0.0.0/8 from NICs should be discarded. If policies related to the loopback address are improper...
DSR mode- Permanently High packet CPU Usage (100%) is seen in the Primary
Packet CPU usage remains consistently at 100% High Loopback traffic is observed on the node...
SUSE CVE-2021-20199
Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 including from remote hosts. This impacts containerized applications that trust localhost 127.0.01 connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards...
CVE-2019-0041
On EX4300-MP Series devices with any lo0 filters applied, transit network traffic may reach the control plane via loopback interface lo0. The device may fail to forward such traffic. This issue affects Juniper Networks Junos OS 18.2 versions prior to 18.2R1-S2, 18.2R2 on EX4300-MP Series. This...
DEBIAN-CVE-2015-7504
Heap-based buffer overflow in the pcnetreceive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service instance crash or possibly execute arbitrary code via a series of packets in loopback mode...
Windows Packet Divert: WinDivert
Windows Packet Divert WinDivert is a user-mode packet capture-and-divert package for Windows Vista, Windows 2008, Windows 7, Windows 8 and Windows 10. WinDivert allows usermode programs to capture/modify/drop network packets sent to/from the Windows network stack. In summary, WinDivert can captur...