CVE-2026-28485

Severity: High · Public PoC

Published: 05 March 2026

Modified: 11 March 2026
KEV Added: not listed
Patch: fixed in 2026.2.12 (commit linked below)
CVSS v4 score: 7.5 (CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS score: 0.0020 (9.5th percentile)
Risk priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-28485 is a high-severity Missing Authentication for Critical Function (CWE-306) vulnerability in Openclaw Openclaw. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation of Remote Services (T1210). The CVE ranks at the 9.5th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and AC-3 (Access Enforcement).

Deeper analysis

CVE-2026-28485 is a missing authentication vulnerability (CWE-306) in OpenClaw versions from 2026.1.5 up to, but not including, 2026.2.12. The issue stems from a failure to enforce mandatory authentication on the /agent/act browser-control HTTP route, which allows unauthorized local callers to invoke privileged operations.

Attackers with local access, whether local processes or remote hosts on the same local network, can exploit this vulnerability by sending requests to the unauthenticated endpoints. Successful exploitation enables execution of arbitrary browser-context actions and access to sensitive in-session data. The CVSS v3.1 base score is 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), reflecting high confidentiality, integrity, and availability impacts with low attack complexity and no privileges required.

Mitigation requires upgrading to OpenClaw version 2026.2.12 or later. The patching commit is available at https://github.com/openclaw/openclaw/commit/9230a2ae14307740a13ada7afd6dcfab34e0287f, with further details in the GitHub Security Advisory at https://github.com/openclaw/openclaw/security/advisories/GHSA-qpjj-47vm-64pj and the VulnCheck advisory at https://www.vulncheck.com/advisories/openclaw-missing-authentication-in-browser-control-http-endpoints.

Vulnerability details

OpenClaw versions 2026.1.5 prior to 2026.2.12 fail to enforce mandatory authentication on the /agent/act browser-control HTTP route, allowing unauthorized local callers to invoke privileged operations. Remote attackers on the local network or local processes can execute arbitrary browser-context actions and access sensitive in-session data by sending requests to unauthenticated endpoints.

CWE(s): CWE-306 Missing Authentication for Critical Function

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1210 Exploitation of Remote Services (Lateral Movement): Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
T1555.003 Credentials from Web Browsers (Credential Access): Adversaries may acquire credentials from web browsers by reading files specific to the target browser.
Why these techniques?

Missing authentication on the local HTTP browser-control endpoint enables remote service exploitation (T1210) for arbitrary browser-context execution and access to sensitive in-session data such as browser credentials (T1555.003).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-28468 (same product: Openclaw Openclaw)
CVE-2026-28472 (same product: Openclaw Openclaw)
CVE-2026-28450 (same product: Openclaw Openclaw)
CVE-2026-28458 (same product: Openclaw Openclaw)
CVE-2026-32064 (same product: Openclaw Openclaw)
CVE-2026-32041 (same product: Openclaw Openclaw)
CVE-2026-28466 (same product: Openclaw Openclaw)
CVE-2026-4039 (same product: Openclaw Openclaw)
CVE-2026-41352 (same product: Openclaw Openclaw)
CVE-2026-26319 (same product: Openclaw Openclaw)

Affected Assets

Vendor: openclaw
Product: openclaw
Versions: ≤ 2026.1.5 · 2026.2.9 — 2026.2.12

Mitigating Controls (NIST 800-53 r5, AI)

AC-14 Permitted Actions Without Identification or Authentication (prevent): Explicitly identifies and authorizes only specific actions without identification or authentication, directly mitigating the failure to enforce mandatory authentication on the privileged /agent/act HTTP route.

AC-3 Access Enforcement (prevent): Enforces approved authorizations for logical access to information and system resources, preventing unauthorized local or local-network callers from invoking privileged browser operations.

Flaw remediation (prevent): Requires timely identification, reporting, and correction of system flaws, directly addressing the missing authentication vulnerability through patching to OpenClaw 2026.2.12 or later.

References