Vulnerability Report

CVE-2026-25253

Title: WebSocket Connection without Prompt in OpenClaw

Other

Proof Of Concept

PoC Available for CVE-2026-25253

CWE Category CWE-669
Published Date Feb 01, 2026
Modified Date Feb 13, 2026
Exploit Status Available
Score 8.8 CVSS v3.1
Exploit Probability (EPSS)
9.56%

Vulnerability Summary

CVE-2026-25253: OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value.

Impacted Vendors

O
openclaw 1

Reference Links

https://depthfirst.com/post/1-click-rce-to-steal-your-moltbot-data-and-keys https://github.com/openclaw/openclaw/security/advisories/GHSA-g8p2-7wf7-98mq https://openclaw.ai/blog
CVSS v3.1
Source Entity [email protected]
Severity HIGH
8.8
Attack Vector
NETWORK
Complexity
LOW
Privileges
N/A
Interaction
REQUIRED
Confidentiality
N/A
Integrity
N/A
Availability
N/A
Scope
UNCHANGED
RAW VECTOR CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2026-25253 Exploits & PoCs (Proof Of Concept)

GitHub https://github.com/ethiack/moltbot-1click-rce
View Code
GitHub https://github.com/Joseph19820124/openclaw-vuln-report
View Code
GitHub https://github.com/al4n4n/CVE-2026-25253-research
View Code
MODIFIED

Vulnerability data updated via NVD.

MODIFIED

Vulnerability data updated via NVD.

MODIFIED

Vulnerability data updated via NVD.

MODIFIED

Vulnerability data updated via NVD.

MODIFIED

Vulnerability data updated via NVD.

Attack Vector Matrix

Access Vector NETWORK
Complexity LOW
Privileges N/A
Interaction REQUIRED
CVSS Vector String CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Stack

No specific products linked.