{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-43573/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":7.7,"id":"CVE-2026-43573"}],"_cs_exploited":false,"_cs_products":["OpenClaw"],"_cs_severities":["high"],"_cs_tags":["ssrf","cve-2026-43573","vulnerability"],"_cs_type":"advisory","_cs_vendors":["OpenClaw"],"content_html":"\u003cp\u003eOpenClaw versions prior to 2026.4.10 are susceptible to a server-side request forgery (SSRF) policy bypass vulnerability, identified as CVE-2026-43573. This flaw exists in the existing-session browser interaction routes, enabling attackers to circumvent SSRF navigation guards. Successful exploitation allows an attacker to interact with or navigate to unauthorized targets without the intended policy enforcement. This vulnerability could lead to the exposure of sensitive information, unauthorized access to internal resources, or further exploitation of other system components. Defenders need to ensure OpenClaw instances are updated to the latest version to mitigate this risk.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker identifies an OpenClaw instance running a version prior to 2026.4.10.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious request targeting an existing user session within the OpenClaw application.\u003c/li\u003e\n\u003cli\u003eThe crafted request is designed to exploit the SSRF policy bypass in the browser interaction routes.\u003c/li\u003e\n\u003cli\u003eThe vulnerable code fails to properly enforce SSRF navigation guards during browser interaction.\u003c/li\u003e\n\u003cli\u003eThe attacker is able to bypass the intended SSRF protections and initiate requests to unauthorized internal or external targets.\u003c/li\u003e\n\u003cli\u003eThe OpenClaw server processes the attacker-initiated request without proper validation.\u003c/li\u003e\n\u003cli\u003eThe attacker interacts with or navigates to unauthorized targets, potentially gaining access to sensitive information or internal resources.\u003c/li\u003e\n\u003cli\u003eThe attacker may leverage the compromised session to further escalate privileges or perform other malicious activities within the network.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-43573 allows attackers to bypass SSRF protections in OpenClaw, potentially leading to unauthorized access to sensitive data or internal resources. The impact depends on the specific configurations and network architecture of the affected OpenClaw deployment, but could include exposure of confidential information, disruption of services, or further compromise of internal systems.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade OpenClaw to version 2026.4.10 or later to patch the SSRF policy bypass vulnerability (CVE-2026-43573).\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;OpenClaw SSRF Attempt\u0026rdquo; to detect exploitation attempts targeting the vulnerable browser interaction routes.\u003c/li\u003e\n\u003cli\u003eReview and harden existing session management policies in OpenClaw to prevent unauthorized session access.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-05T12:16:21Z","date_published":"2026-05-05T12:16:21Z","id":"/briefs/2026-05-openclaw-ssrf/","summary":"OpenClaw before version 2026.4.10 is vulnerable to a server-side request forgery (SSRF) policy bypass, allowing attackers to bypass navigation guards and interact with unauthorized targets.","title":"OpenClaw SSRF Policy Bypass Vulnerability (CVE-2026-43573)","url":"https://feed.craftedsignal.io/briefs/2026-05-openclaw-ssrf/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-43573","version":"https://jsonfeed.org/version/1.1"}