2 matches found
EUVD-2026-12728
OpenClaw versions prior to 2026.3.2 contain a DNS pinning bypass vulnerability in strict URL fetch paths that allows attackers to circumvent SSRF guards when environment proxy variables are configured. When HTTPPROXY, HTTPSPROXY, or ALLPROXY environment variables are present, attacker-influenced...
OpenClaw has SSRF guard bypass via IPv6 transition over ISATAP
Summary OpenClaw's SSRF hostname/IP guard did not detect ISATAP embedded IPv4 addresses ...:5efe:w.x.y.z. A crafted URL containing an ISATAP IPv6 literal could embed a private IPv4 target for example loopback and bypass private-address filtering in URL-fetching paths. Severity Assessment Rated...