6.9
OpenClaw allows access to blocked IP addresses via web fetch
GHSA-4rqq-w8v4-7p47
Summary
A security issue in OpenClaw allows unauthorized access to certain blocked IP addresses. Exploitation requires that an attacker can reach those addresses over the network and can trigger a specific type of request. To fix this, update OpenClaw to the latest version, which is available now.
What to do
- Update openclaw to version 2026.2.22.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | openclaw | <= 2026.2.22 | 2026.2.22 |
Original title
OpenClaw has incomplete IPv4 special-use SSRF blocking in web fetch guard
Original description
### Summary
`isPrivateIpv4()` in bundled SSRF guard code missed several IPv4 special-use/non-global ranges, so `web_fetch` could allow targets that should be blocked by SSRF policy.
### Affected Packages / Versions
- Package: `openclaw` (npm)
- Latest published affected version: `2026.2.21-2` (published 2026-02-21)
- Structured vulnerable range: `<= 2026.2.21-2`
- Planned patched version (pre-set): `>= 2026.2.22`
### Impact
Low severity. Exploitation requires network reachability to the relevant special-use ranges and a request path that reaches `web_fetch` URL fetching.
### Technical Details
Affected releases used narrow IPv4 private-range checks that omitted multiple RFC special-use/non-global ranges. This allowed requests such as `http://198.18.0.1/...` through SSRF validation in affected releases. Follow-up hardening consolidates local-host/tailnet range checks so gateway/browser/tailnet paths share one canonical IP classification flow.
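The following is an added illustration, not OpenClaw's own `isPrivateIpv4()` or the fix commits: it contrasts a narrow private-range check of the kind the advisory describes (the narrow list here is constructed for illustration) with a classifier built from the IANA IPv4 special-purpose registry (RFC 6890 and its successors), and shows how a fetch guard would apply it to a URL such as `http://198.18.0.1/...`. Range names, the `checkFetchTarget` helper and its verdict strings are assumptions of this example; DNS resolution is deliberately left out, so names that are not IPv4 literals get a "resolve" verdict rather than a decision.

```javascript
// Added example (not OpenClaw code): classify IPv4 destinations for an SSRF guard.

// Parse a dotted-quad IPv4 literal into an unsigned 32-bit integer; null if malformed.
function parseIpv4(str) {
  const parts = str.split(".");
  if (parts.length !== 4) return null;
  let value = 0;
  for (const p of parts) {
    if (!/^\d{1,3}$/.test(p)) return null;
    const n = Number(p);
    if (n > 255) return null;
    value = value * 256 + n;
  }
  return value;
}

// "a.b.c.d/bits" -> { net, mask } as unsigned 32-bit integers.
function cidr(block) {
  const [addr, bitsStr] = block.split("/");
  const bits = Number(bitsStr);
  const mask = bits === 0 ? 0 : (0xffffffff << (32 - bits)) >>> 0;
  const net = (parseIpv4(addr) & mask) >>> 0;
  return { net, mask };
}

// Constructed illustration of a narrow check: RFC 1918 plus loopback only.
const NARROW_RANGES = ["10.0.0.0/8", "127.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"].map(cidr);

// IANA IPv4 special-purpose registry (RFC 6890 and successors): every non-global block.
const SPECIAL_USE_IPV4 = [
  ["0.0.0.0/8", "this-network"],
  ["10.0.0.0/8", "private-use"],
  ["100.64.0.0/10", "shared-address-space"],   // RFC 6598 CGNAT
  ["127.0.0.0/8", "loopback"],
  ["169.254.0.0/16", "link-local"],            // includes cloud metadata endpoints
  ["172.16.0.0/12", "private-use"],
  ["192.0.0.0/24", "ietf-protocol-assignments"],
  ["192.0.2.0/24", "test-net-1"],
  ["192.88.99.0/24", "6to4-relay-anycast"],
  ["192.168.0.0/16", "private-use"],
  ["198.18.0.0/15", "benchmarking"],           // the block the advisory's example falls in
  ["198.51.100.0/24", "test-net-2"],
  ["203.0.113.0/24", "test-net-3"],
  ["224.0.0.0/4", "multicast"],
  ["240.0.0.0/4", "reserved"],                 // includes 255.255.255.255 broadcast
].map(([block, name]) => ({ ...cidr(block), name }));

function inRange(ip, { net, mask }) {
  return ((ip & mask) >>> 0) === net;
}

// The narrow check: misses benchmarking, CGNAT, link-local, TEST-NETs, etc.
function isPrivateIpv4Narrow(str) {
  const ip = parseIpv4(str);
  if (ip === null) return false;
  return NARROW_RANGES.some((r) => inRange(ip, r));
}

// Full classifier: returns the registry name, "global", or "invalid". Fails closed.
function classifyIpv4(str) {
  const ip = parseIpv4(str);
  if (ip === null) return "invalid";
  const hit = SPECIAL_USE_IPV4.find((r) => inRange(ip, r));
  return hit ? hit.name : "global";
}

function isNonGlobalIpv4(str) {
  return classifyIpv4(str) !== "global";
}

// Guard applied to a fetch target. Verdicts: "allow", "block", or "resolve"
// (hostname is not an IPv4 literal; a real guard resolves it and classifies
// every answer, re-checking after each redirect).
function checkFetchTarget(urlString) {
  let url;
  try {
    url = new URL(urlString);
  } catch {
    return { verdict: "block", reason: "invalid-url" };
  }
  if (url.protocol !== "http:" && url.protocol !== "https:") {
    return { verdict: "block", reason: "scheme-not-allowed" };
  }
  const host = url.hostname;
  if (host.startsWith("[")) {
    // IPv6 literals need their own registry check; this IPv4-only example blocks them.
    return { verdict: "block", reason: "ipv6-literal-not-classified" };
  }
  if (parseIpv4(host) === null) return { verdict: "resolve", reason: "hostname" };
  const cls = classifyIpv4(host);
  return cls === "global" ? { verdict: "allow", reason: cls } : { verdict: "block", reason: cls };
}

module.exports = { parseIpv4, isPrivateIpv4Narrow, classifyIpv4, isNonGlobalIpv4, checkFetchTarget };
```

Keeping the range table in one place and routing every path through `classifyIpv4` is the same idea as the advisory's "one canonical IP classification flow": a check that is copied and trimmed per call site is where blocks like 198.18.0.0/15 get lost.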
### Fix Commit(s)
- `71bd15bb4294d3d1b54386064d69cd0f5f731bd8`
- `44dfbd23df453e51b71ef79a148c28c53e89168c`
- `333fbb86347998526dd514290adfd5f727caa6d9`
- `f14ebd743cfc73f667fae80af70043d0ab1f88bd`
OpenClaw thanks @princeeismond-dot for reporting.
ghsa CVSS4.0
6.9
Vulnerability type
CWE-918
Server-Side Request Forgery (SSRF)
- https://github.com/openclaw/openclaw/security/advisories/GHSA-4rqq-w8v4-7p47
- https://github.com/openclaw/openclaw/commit/333fbb86347998526dd514290adfd5f727ca...
- https://github.com/openclaw/openclaw/commit/44dfbd23df453e51b71ef79a148c28c53e89...
- https://github.com/openclaw/openclaw/commit/71bd15bb4294d3d1b54386064d69cd0f5f73...
- https://github.com/openclaw/openclaw/commit/f14ebd743cfc73f667fae80af70043d0ab1f...
- https://github.com/advisories/GHSA-4rqq-w8v4-7p47
Published: 4 Mar 2026 · Updated: 7 Mar 2026 · First seen: 6 Mar 2026