Posted by kykeonaut 5 hours ago

OpenClaw privilege-escalation bug(old.reddit.com)
208 points | 140 comments, page 2
throwpoaster 1 hour ago
The Ludditism in this thread, and the linked thread, is shocking.
Simon321 4 hours ago
Only if your OpenClaw instance is publicly exposed on the internet... which is not the case for most people.
causal 4 hours ago
Until recently, this was default configuration

Edit: Default binding was to 0.0.0.0, and if you were not aware of this and assumed your router was keeping you safe, you probably should not be using OpenClaw. In fact some services may still default to 0.0.0.0: https://github.com/openclaw/openclaw/issues/5263

https://github.com/openclaw/openclaw/commit/5643a934799dc523...

earnesti 4 hours ago
I have used OpenClaw for a pretty long time, but at no point has it proposed doing anything like that.
nickthegreek 4 hours ago
Not true. So many people love to come out of the woodwork on these OpenClaw posts who have no first-hand knowledge of the software. It is stunning.
charcircuit 4 hours ago
Since pretty much the beginning it wasn't, and the documentation explicitly warned not to make it public by exposing it to the internet. It included information on how you can properly forward the gateway port to your machine without opening it up to the internet.
kube-system 3 hours ago
If someone could forward the SSH port from my VPS to access my instance, I already had bigger problems.
n1tro_lab 3 hours ago
Authorization failed open when a parameter was missing. Same pattern as Langflow. They patched one endpoint, missed another calling the same function. Per-endpoint hardening doesn't scale.
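The two points in the comment above, a check that fails open when a parameter is absent and the fragility of hardening one endpoint at a time, are illustrated below in an added example. This is constructed code, not OpenClaw's or Langflow's; the `Gateway` class, the route paths, the `token` parameter and the `VALID_TOKENS` store are all assumptions made for the demonstration. The fail-open authorizer treats a missing `token` as "nothing to check" and lets the request through; the fail-closed one denies it. Because the gateway runs one authorizer in front of every registered route, fixing the authorizer once fixes every endpoint, instead of having to find each handler that calls it.

```python
"""Fail-open vs fail-closed authorization, checked centrally (constructed example)."""
from dataclasses import dataclass, field
from typing import Callable, Dict, Tuple

# Constructed sample credential store; a real service would consult a session
# or identity provider, not a dict of literal tokens.
VALID_TOKENS = {"tok-admin-1": "admin"}


@dataclass
class Request:
    path: str
    params: Dict[str, str] = field(default_factory=dict)


def authorize_fail_open(req: Request) -> bool:
    """The buggy pattern: a missing parameter is treated as 'nothing to verify'."""
    token = req.params.get("token")
    if token is None:
        return True          # fails open: absent credential == allowed
    return token in VALID_TOKENS


def authorize_fail_closed(req: Request) -> bool:
    """The corrected pattern: anything that is not a valid credential is denied."""
    token = req.params.get("token")
    if token is None:
        return False         # fails closed: absent credential == denied
    return token in VALID_TOKENS


class Gateway:
    """Minimal router with a single authorization check in front of all routes.

    Hypothetical class for this example; putting the check here means a fix to
    the authorizer covers every handler, including ones added later.
    """

    def __init__(self, authorizer: Callable[[Request], bool]) -> None:
        self._authorizer = authorizer
        self._routes: Dict[str, Callable[[Request], str]] = {}

    def route(self, path: str):
        def register(handler: Callable[[Request], str]):
            self._routes[path] = handler
            return handler
        return register

    def handle(self, req: Request) -> Tuple[int, str]:
        handler = self._routes.get(req.path)
        if handler is None:
            return 404, "not found"
        # One central decision point: no handler runs before this passes.
        if not self._authorizer(req):
            return 401, "unauthorized"
        return 200, handler(req)


def build_gateway(authorizer: Callable[[Request], bool]) -> Gateway:
    """Two privileged routes sharing the same authorizer (hypothetical paths)."""
    gw = Gateway(authorizer)

    @gw.route("/admin/config")
    def config(req: Request) -> str:
        return "config dump"

    @gw.route("/admin/users")
    def users(req: Request) -> str:
        return "user list"

    return gw


def status_for(authorizer: Callable[[Request], bool], path: str, params: Dict[str, str]) -> int:
    """Return the HTTP status the gateway would produce for one request."""
    return build_gateway(authorizer).handle(Request(path, params))[0]


if __name__ == "__main__":
    for name, auth in (("fail-open", authorize_fail_open), ("fail-closed", authorize_fail_closed)):
        for path in ("/admin/config", "/admin/users"):
            print(f"{name:11} {path:15} no token -> {status_for(auth, path, {})}")
```

Running the block shows the fail-open authorizer returning 200 on both privileged routes when no token is sent at all, while the fail-closed one returns 401 on both; swapping the authorizer in one place changes the outcome for every route, which is the advantage of a central check over patching endpoints individually.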
rvz 4 hours ago
OpenClaw has over 400+ security issues and vulnerabilities. [0]

Why on earth would you install something like that, which has access to your entire machine, even if it is a separate one which has the potential to scan local networks?

Who is even making money out of OpenClaw other than the people attempting to host it? I see little use out of it other than a way to get yourself hacked by anyone.

[0] https://github.com/openclaw/openclaw/security

nickthegreek 4 hours ago
It does not need access to your full machine. It can literally run on a VPS.
rob 3 hours ago
Most of the people using it probably don't even know what SSH is, let alone using a VPS to maintain a personal bot for them for years with no maintenance. They know Vercel and Supabase. They will run it on their local machine and just keep clicking yes to everything until they get the result they want.
nickthegreek 2 hours ago
That is not how the software works. I take it you have no first-hand knowledge of this stack? This isn't a double-click-the-exe-and-you-are-off-to-the-races situation. The Hostinger VPS is actually the easiest way for a normie to get this running.
eloisant 2 hours ago
The thing is that if you want it to do useful things, you kinda have to give it access to some of your accounts.
nickthegreek 2 hours ago
This is not true. It is useful without having access to a single account of mine. My setup runs on its own accounts and hardware. Obviously it is not sending out emails from my inbox, but that is not a use case of any value to me. And if it was, there are actually plenty of ways to do that safely as well.

If you think you need to give it the keys to your kingdom to be useful, you are not actually experimenting with this stack but regurgitating the words of others. I really don't understand the mindset of comments like this.

fraywing 4 hours ago
How do you think the vibe-coding layman audience is using OpenClaw?
nickthegreek 4 hours ago
Hostinger VPS, if YouTube is any indication. Also, it's actually hard for a layman to run this software.
butlike 3 hours ago
"All you have to do is run the command `/yolo` to start your instance of OpenClaw."

/s

bigstrat2003 2 hours ago
If you're running OpenClaw, you already threw security and reliability out the window by running LLMs on the command line. It's a bit late to start worrying now.
earnesti 4 hours ago
I don't think enabling admin on open internet is a default behaviour by any means?
gloosx 1 hour ago
Erhm... what the hell is OpenClaw? What does it actually do? I tried searching and researching but I couldn't understand what it is. Autonomous AI agent framework? What does this even mean? Like a Claude wrapper?
pym4n 3 hours ago
Guys, OpenClaw is a toy, that's it!