DEV Community

CVE Reports
CVE Reports

Posted on • Originally published at cvereports.com

GHSA-C4QG-J8JG-42Q5: GHSA-C4QG-J8JG-42Q5: Server-Side Request Forgery in OpenClaw QQBot Extension

#security #cve #cybersecurity #ghsa

GHSA-C4QG-J8JG-42Q5: Server-Side Request Forgery in OpenClaw QQBot Extension

Vulnerability ID: GHSA-C4QG-J8JG-42Q5
CVSS Score: Low
Published: 2026-04-25

The OpenClaw platform contains a Server-Side Request Forgery (SSRF) vulnerability within its QQBot extension. The application fails to validate external media URLs before relaying them to the QQ Open Platform API. This flaw allows an attacker to induce the upstream QQ API to initiate HTTP requests to arbitrary destinations, including sensitive internal services and cloud metadata endpoints.

TL;DR

Unvalidated media URLs in the OpenClaw QQBot extension permit attackers to relay SSRF attacks through the upstream QQ Open Platform API, potentially exposing internal services.

⚠️ Exploit Status: POC

Technical Details

  • CWE ID: CWE-918
  • Vulnerability Class: Server-Side Request Forgery (SSRF)
  • Attack Vector: Network
  • Impact: Information Disclosure / Internal Scanning
  • Exploit Status: Proof of Concept
  • Patch Availability: Fixed in version 2026.4.20

Affected Systems

  • OpenClaw Platform
  • OpenClaw QQBot Extension
  • openclaw: < 2026.4.20 (Fixed in: 2026.4.20)

Code Analysis

Commit: 49db424

Fix SSRF vulnerability in QQBot extension by enforcing strict URL validation and hostname policy checks.

Mitigation Strategies

  • Upgrade openclaw package to version 2026.4.20
  • Enforce strict protocol whitelisting (HTTPS only)
  • Configure DNS resolution policies to block internal IP ranges
  • Implement Web Application Firewall rules for interim protection

Remediation Steps:

  1. Identify all deployments and dependencies relying on the openclaw package.
  2. Update the package.json file to specify openclaw version 2026.4.20 or later.
  3. Execute the package manager update command (e.g., npm install or yarn upgrade).
  4. Verify the internal configuration of resolvePinnedHostnameWithPolicy blocks RFC 1918 and IMDS endpoints.
  5. Restart the OpenClaw application services to apply the new module version.

References

Read the full report for GHSA-C4QG-J8JG-42Q5 on our website for more details including interactive diagrams and full exploit analysis.

Top comments (0)