<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Network-Policy-Bypass - CraftedSignal Threat Feed</title><link>https://feed.craftedsignal.io/tags/network-policy-bypass/</link><description>Trending threats, MITRE ATT&amp;CK coverage, and detection metadata. Fed continuously.</description><generator>Hugo</generator><language>en</language><managingEditor>hello@craftedsignal.io</managingEditor><webMaster>hello@craftedsignal.io</webMaster><lastBuildDate>Fri, 17 Jul 2026 02:21:33 +0000</lastBuildDate><atom:link href="https://feed.craftedsignal.io/tags/network-policy-bypass/feed.xml" rel="self" type="application/rss+xml"/><item><title>OpenClaw Network Policy Bypass Vulnerability CVE-2026-62201</title><link>https://feed.craftedsignal.io/briefs/2026-07-openclaw-cve-2026-62201/</link><pubDate>Fri, 17 Jul 2026 02:21:33 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-openclaw-cve-2026-62201/</guid><description>OpenClaw versions prior to 2026.6.6 contain a network policy bypass vulnerability, CVE-2026-62201, within its sandbox exec-server that allows lower-trust callers to send HTTP requests to internal network destinations, effectively bypassing configured security policies and leading to server-side request forgery (SSRF).</description><content:encoded><![CDATA[<p>OpenClaw versions before 2026.6.6 are affected by a high-severity network policy bypass vulnerability, identified as CVE-2026-62201, with a CVSS v3.1 base score of 7.7. This flaw resides in the sandbox exec-server component, which is designed to process HTTP requests. However, due to this vulnerability, lower-trust callers or attackers can manipulate the exec-server to reach internal network destinations that should be restricted by OpenClaw's configured security policies. This effectively transforms the exec-server into an unauthorized proxy, enabling server-side request forgery (SSRF) and allowing attackers to access sensitive internal resources or conduct reconnaissance within the network. This vulnerability enables bypass of critical security controls and could lead to further compromise if exploited.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li><strong>Vulnerability Identification</strong>: An attacker identifies an internet-accessible OpenClaw instance running a vulnerable version of the <code>exec-server</code> (prior to 2026.6.6).</li>
<li><strong>Request Crafting</strong>: The attacker crafts a malicious HTTP request that includes a target internal network destination (e.g., an internal IP address like <code>192.168.1.1</code> or a sensitive internal hostname like <code>intranet.local</code>) within its parameters, headers, or body.</li>
<li><strong>Exploit Delivery</strong>: The crafted HTTP request is sent to the vulnerable OpenClaw <code>exec-server</code> endpoint.</li>
<li><strong>Policy Bypass</strong>: Due to the <code>CVE-2026-62201</code> vulnerability, the <code>exec-server</code> processes the attacker's request but fails to correctly enforce configured network access control policies for the specified internal destination.</li>
<li><strong>Internal Network Access</strong>: The <code>exec-server</code> then acts as an unauthorized proxy, initiating an outbound connection to the attacker-specified internal network resource.</li>
<li><strong>Information Disclosure/Further Access</strong>: The <code>exec-server</code> relays the response from the internal resource back to the attacker, providing access to information or services that should have been restricted, potentially facilitating internal network reconnaissance or lateral movement.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>Successful exploitation of CVE-2026-62201 allows attackers to bypass intended network security policies, granting unauthorized access to internal network resources. This can lead to sensitive data exposure, internal network mapping, and potentially serve as a stepping stone for further sophisticated attacks such as lateral movement, privilege escalation, or even remote code execution if the accessed internal services have their own vulnerabilities. While no specific victims or campaigns are detailed, any organization using vulnerable OpenClaw instances faces a significant risk of internal network compromise.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Patch CVE-2026-62201 immediately by upgrading OpenClaw to version 2026.6.6 or later.</li>
<li>Deploy the provided Sigma rule to your SIEM to detect suspicious HTTP requests targeting the <code>exec-server</code> with internal network destinations.</li>
<li>Review web server access logs for any requests to paths related to <code>exec-server</code> containing internal IP addresses or reserved network ranges in query parameters or request bodies, as indicated in the Sigma rule.</li>
<li>Implement strict network segmentation and egress filtering to prevent internal systems from communicating with unauthorized external or internal destinations, even if a proxy like the <code>exec-server</code> is compromised.</li>
</ul>
]]></content:encoded><category domain="severity">high</category><category domain="type">advisory</category><category>vulnerability</category><category>ssrf</category><category>network-policy-bypass</category><category>openclaw</category></item></channel></rss>