OpenClaw Image Download Allows Access to Internal URLs

GHSA-qxgf-hmcj-3xw3
Summary

A vulnerability in OpenClaw's image download feature allows a malicious FAL relay to access internal URLs and potentially expose sensitive metadata or service responses. This affects OpenClaw versions up to 2026.3.24. To fix, update to version 2026.3.28 or later.

What to do
  • Update GitHub Actions openclaw to version 2026.3.28.
Affected software

| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| GitHub Actions | openclaw | <= 2026.3.24 | 2026.3.28 |
Original title
OpenClaw affected by SSRF via unguarded image download in fal provider
Original description
## Summary

The fal provider used raw fetches for both provider API traffic and returned image download URLs instead of the existing SSRF-guarded fetch path.

## Impact

A malicious or compromised fal relay could make the gateway fetch internal URLs and expose metadata or internal service responses through the image pipeline.

## Affected Component

`extensions/fal/image-generation-provider.ts`

## Fixed Versions

- Affected: `<= 2026.3.24`
- Patched: `>= 2026.3.28`
- Latest stable `2026.3.28` contains the fix.

## Fix

Fixed by commit `80d1e8a11a` (`fal: guard image fetches`).
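What an SSRF guard on provider-returned download URLs looks like, as an added TypeScript example: this is not OpenClaw's code or its existing guarded fetch path, and the function names, blocked ranges and injected resolver are this example's own assumptions.

```typescript
import { isIP } from "node:net";

// Address ranges a gateway must never fetch on a relay's behalf: unspecified,
// private (RFC 1918), CGNAT, loopback, and link-local (which includes the
// 169.254.169.254 cloud metadata endpoint). Assumed list, not OpenClaw's.
const BLOCKED_V4: Array<[string, number]> = [
  ["0.0.0.0", 8], ["10.0.0.0", 8], ["100.64.0.0", 10], ["127.0.0.0", 8],
  ["169.254.0.0", 16], ["172.16.0.0", 12], ["192.168.0.0", 16],
];

function ip4(s: string): number {
  return s.split(".").reduce((acc, o) => ((acc << 8) | Number(o)) >>> 0, 0);
}

function inBlock(ip: number, net: string, bits: number): boolean {
  const mask = (~0 << (32 - bits)) >>> 0;
  return ((ip & mask) >>> 0) === ((ip4(net) & mask) >>> 0);
}

// True for any IP literal the gateway should refuse to connect to.
function isBlockedAddress(addr: string): boolean {
  const fam = isIP(addr);
  if (fam === 4) return BLOCKED_V4.some(([net, bits]) => inBlock(ip4(addr), net, bits));
  if (fam === 6) {
    const a = addr.toLowerCase();
    if (a === "::" || a === "::1") return true;             // unspecified, loopback
    const mapped = /^::ffff:(\d+\.\d+\.\d+\.\d+)$/.exec(a); // IPv4-mapped, e.g. ::ffff:127.0.0.1
    if (mapped) return isBlockedAddress(mapped[1]!);
    return /^f[cd]/.test(a) || /^fe[89ab]/.test(a);        // unique-local, link-local
  }
  return true; // not an IP literal at all: refuse rather than guess
}

// Shape checks that need no network: scheme allow-list, no embedded credentials.
function parseImageUrl(raw: string): URL {
  const url = new URL(raw); // throws on malformed input
  if (url.protocol !== "https:") throw new Error(`scheme not allowed: ${url.protocol}`);
  if (url.username || url.password) throw new Error("credentials in URL not allowed");
  return url;
}

// Full guard: every address the host resolves to must pass isBlockedAddress.
// `resolve` is injected so the check runs offline here and can be pinned by a real fetch.
async function assertSafeImageUrl(raw: string, resolve: (h: string) => Promise<string[]>): Promise<URL> {
  const url = parseImageUrl(raw);
  const host = url.hostname.replace(/^\[|\]$/g, ""); // URL keeps IPv6 brackets
  const addrs = isIP(host) ? [host] : await resolve(host);
  if (addrs.length === 0) throw new Error(`unresolvable host: ${host}`);
  for (const a of addrs) if (isBlockedAddress(a)) throw new Error(`blocked address ${a} for ${host}`);
  return url;
}
```

Because a later lookup can return a different answer than the one checked, a production guard should connect to the address it validated rather than re-resolving the hostname at fetch time.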
Source: GHSA · CVSS 4.0 score: 2.3
Vulnerability type
CWE-918 Server-Side Request Forgery (SSRF)
Published: 1 Apr 2026 · Updated: 1 Apr 2026 · First seen: 1 Apr 2026