Threat Feed
high advisory

OpenClaw Incomplete Navigation Guard SSRF Bypass (CVE-2026-43580)

OpenClaw before version 2026.4.10 contains an incomplete navigation guard: browser interactions such as pressKey and type submit flows can trigger navigation while bypassing the post-action security checks, so the SSRF policy is not enforced on the resulting request, which can result in Server-Side Request Forgery (SSRF).

OpenClaw, a web application framework, is vulnerable to an SSRF bypass because its navigation guard is implemented incompletely. Specifically, versions prior to 2026.4.10 fail to enforce SSRF policies when navigation is triggered through browser-style interactions such as pressKey and type submit flows. The flaw, tracked as CVE-2026-43580, lets an attacker bypass the intended security checks and initiate unauthorized navigation, which may expose internal resources or reach other backend vulnerabilities. The vulnerability was reported by VulnCheck and affects any application using a vulnerable version of the OpenClaw framework. Successful exploitation requires the attacker to manipulate user input so that it triggers a navigation event handled by the vulnerable code.

Attack Chain

  1. An attacker identifies an OpenClaw application using a version prior to 2026.4.10.
  2. The attacker locates an input field or button that triggers a navigation event upon submission.
  3. The attacker crafts malicious input designed to bypass the intended SSRF policy enforcement. This could involve specific characters or sequences that are not properly sanitized or validated.
  4. The attacker uses browser interaction techniques (e.g., pressKey or type submit flows) to submit the crafted input, triggering the navigation event.
  5. The incomplete navigation guard fails to properly validate the target of the navigation request due to the bypassed security checks.
  6. The OpenClaw application initiates a request to a server controlled by the attacker (or to an internal resource), effectively bypassing the SSRF protections.
  7. The attacker receives the response from the targeted server.
  8. The attacker exploits the data obtained from the targeted server.

Impact

Successful exploitation of this vulnerability (CVE-2026-43580) can lead to Server-Side Request Forgery (SSRF). An attacker could potentially reach sensitive internal resources, such as configuration files, databases, or internal APIs, that are not exposed to the public internet. While the CVSS score indicates no direct impact on Integrity or Availability, the compromise of sensitive internal data can enable further attacks or data breaches, potentially affecting user data, intellectual property, or critical infrastructure. The number of affected installations depends on how widely OpenClaw was adopted before the patch.

Recommendation

  • Upgrade OpenClaw to version 2026.4.10 or later to remediate CVE-2026-43580 by applying the patches referenced in the advisory URLs.
  • As a compensating control, inspect web server logs for unusual navigation patterns, especially those originating from browser-style interactions. Create a detection rule that monitors for these patterns (see the Sigma rules listed under Detection coverage below).
  • Implement strict input validation and sanitization on all user-provided data to prevent attackers from crafting malicious navigation requests.
  • Review and harden SSRF policies within the OpenClaw application to ensure comprehensive coverage of all navigation paths, including those triggered by browser interactions.

Detection coverage (2 rules)

Detect OpenClaw SSRF Attempt via Navigation Bypass

Severity: high

Detects potential SSRF attempts in OpenClaw applications by monitoring for suspicious navigation requests containing file:// or similar protocols.

Format: Sigma. Tactics: initial_access. Techniques: T1190. Sources: webserver, linux.

Detect OpenClaw Suspicious Submit Request

Severity: medium

Detects suspicious submit requests in OpenClaw applications, which may indicate SSRF exploitation.

Format: Sigma. Tactics: initial_access. Techniques: T1190. Sources: webserver, linux.
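A log-side check in the spirit of both rules above, written as an added example for this advisory (it is not one of the platform's Sigma rules and not OpenClaw code): it walks constructed web server log lines, picks out browser-style actions that can trigger navigation, and flags targets that use a non-http scheme such as file:// or that point at a localhost, private, or link-local host. The /browser/ route names and the `target` query parameter are assumptions about how such requests might be logged.

```python
import ipaddress
import re
from typing import Dict, List, Optional
from urllib.parse import parse_qs, urlparse

# Constructed sample access-log lines, not taken from the advisory. The /browser/ routes
# and the `target` query parameter are assumptions about how navigation gets logged.
SAMPLE_LOG = """\
10.0.0.5 - - [10/Apr/2026:12:00:01 +0000] "POST /browser/navigate?target=https%3A%2F%2Fexample.com HTTP/1.1" 200 512
10.0.0.5 - - [10/Apr/2026:12:00:02 +0000] "POST /browser/pressKey?target=file%3A%2F%2F%2Fetc%2Fhostname HTTP/1.1" 200 88
10.0.0.7 - - [10/Apr/2026:12:00:03 +0000] "POST /browser/type?target=http%3A%2F%2F169.254.169.254%2Flatest%2Fmeta-data HTTP/1.1" 200 90
10.0.0.9 - - [10/Apr/2026:12:00:04 +0000] "GET /static/app.js HTTP/1.1" 200 4096
"""

# Common log format: client ident user [timestamp] "METHOD path proto" status bytes
REQUEST_RE = re.compile(r'^(?P<src>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<path>\S+) ', re.M)
# Browser-style actions that can trigger navigation (assumed route names, see lead-in).
NAV_ACTIONS = {"/browser/navigate", "/browser/pressKey", "/browser/type", "/browser/submit"}


def is_internal_host(host: str) -> bool:
    """True for localhost, loopback, RFC 1918, link-local (cloud metadata) or unspecified."""
    if host == "localhost":
        return True
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False  # DNS name or shorthand like 127.1: needs resolver-side checks, not a log rule
    return ip.is_loopback or ip.is_private or ip.is_link_local or ip.is_unspecified


def classify_target(target: str) -> Optional[str]:
    """Return why a navigation target fails the SSRF policy, or None if it looks benign."""
    parsed = urlparse(target)
    if parsed.scheme.lower() not in ("http", "https"):
        return "non-http scheme"  # file://, gopher://, dict://, or no scheme at all
    if is_internal_host(parsed.hostname or ""):
        return "internal host"
    return None


def scan_log(text: str) -> List[Dict[str, str]]:
    """Flag navigation-triggering requests whose target fails the SSRF policy check."""
    findings = []
    for m in REQUEST_RE.finditer(text):
        route, _, query = m.group("path").partition("?")
        if route not in NAV_ACTIONS:
            continue
        for target in parse_qs(query).get("target", []):  # parse_qs URL-decodes once
            if reason := classify_target(target):
                findings.append({"src": m.group("src"), "action": route, "target": target, "reason": reason})
    return findings
```

Running scan_log(SAMPLE_LOG) flags the file:// and link-local targets and ignores the ordinary https navigation and the static asset request.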

Detection queries are kept inside the platform.