Vulnerability Report

CVE-2026-34504

Title: Server-Side Request Forgery in OpenClaw fal provider

SSRF

Proof Of Concept

No public PoC currently indexed for CVE-2026-34504.

CWE Category CWE-918

Published Date Mar 31, 2026

Modified Date Apr 02, 2026

Exploit Status Not Found

Score 6.9 CVSS v4.0

Exploit Probability (EPSS)

0.23%

Vulnerability Summary

CVE-2026-34504: OpenClaw before 2026.3.28 contains a server-side request forgery vulnerability in the fal provider image-generation-provider.ts component that allows attackers to fetch internal URLs. A malicious or compromised fal relay can exploit unguarded image download fetches to expose internal service metadata and responses through the image pipeline.

Impacted Vendors

openclaw 1

Reference Links

https://github.com/openclaw/openclaw/commit/80d1e8a11a2ac118c7f7a70bba9c862b6141d928 https://github.com/openclaw/openclaw/security/advisories/GHSA-qxgf-hmcj-3xw3 https://www.vulncheck.com/advisories/openclaw-server-side-request-forgery-via-unguarded-image-download-in-fal-provider

CVSS v4.0

Source Entity [email protected]

Severity MEDIUM

6.9

Attack Vector

NETWORK

Complexity

LOW

Privileges

N/A

Interaction

NONE

Confidentiality

N/A

Integrity

N/A

Availability

N/A

Scope

N/A

RAW VECTOR

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CVSS v3.1

Source Entity [email protected]

Severity HIGH

8.3