CVE-2026-43527

HighPublic PoC

Published: 05 May 2026

Published

05 May 2026

Modified

07 May 2026

KEV Added

—

Patch

—

CVSS Score 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

EPSS Score 0.0003 8.9th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-43527 is a high-severity SSRF (CWE-918) vulnerability in Openclaw Openclaw. Its CVSS base score is 7.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 8.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-4 (Information Flow Enforcement) and CM-6 (Configuration Settings).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 2 other techniques. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

AC-4 Information Flow Enforcement good match

prevent

Enforces information flow control policies to restrict server-initiated requests to unauthorized private network destinations, directly preventing SSRF exploitation.

SC-7 Boundary Protection good match

prevent

Monitors and controls communications at system boundaries to block outbound requests from the server to internal services or metadata endpoints.

CM-6 Configuration Settings good match

prevent

Establishes and enforces secure configuration settings for browser SSRF policies to disable private-network navigation by default.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

T1522 Cloud Instance Metadata API Credential Access

Adversaries may attempt to access the Cloud Instance Metadata API to collect credentials and other sensitive data.

attack.mitre.org →

T1552.005 Cloud Instance Metadata API Credential Access

Adversaries may attempt to access the Cloud Instance Metadata API to collect credentials and other sensitive data.

attack.mitre.org →

Why these techniques?

SSRF in public-facing server directly enables T1190 exploitation; explicit metadata endpoint access maps to T1522 discovery and T1552.005 credential retrieval from cloud instance metadata.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

OpenClaw before 2026.4.14 contains a server-side request forgery vulnerability in browser SSRF policy that allows private-network navigation by default. Attackers can exploit this misconfiguration to access internal services or metadata endpoints through browser-driven requests.

Deeper analysisAI

CVE-2026-43527 is a server-side request forgery (SSRF) vulnerability affecting OpenClaw versions before 2026.4.14, published on 2026-05-05. The issue stems from a misconfigured browser SSRF policy that permits private-network navigation by default, allowing browser-driven requests to reach unintended destinations. It is associated with CWE-918 (Server-Side Request Forgery) and CWE-1188 (Insecure Default Initialization of Resource Consumption), and carries a CVSS v3.1 base score of 7.7 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).

Low-privileged remote attackers (PR:L) can exploit this vulnerability over the network with low attack complexity and no user interaction required. By leveraging the permissive policy, they can craft requests that cause the OpenClaw server to access internal services or metadata endpoints, potentially exposing sensitive information with high confidentiality impact due to the changed scope (S:C).

Mitigation patches are provided in OpenClaw GitHub commits 024f4614a1a1831406e763adc40ef226e3d5e9ed, 1dabfef28db523e7de81edeb3dd689e9171236a2, 213c36cf51121ef6c05cfccd78037371f968f31a, and 7eecfa411df3d12e6b810e6ca5df47254fc3db3f. Additional details are available in the GitHub security advisory at GHSA-53vx-pmqw-863c. Affected users should upgrade to OpenClaw 2026.4.14 or later to address the vulnerability.

Details

CWE(s): CWE-918 CWE-1188

Affected Products

openclaw

≤ 2026.4.14

CVEs Like This One

CVE-2026-28467Same product: Openclaw Openclaw

CVE-2026-41297Same product: Openclaw Openclaw

CVE-2026-26324Same product: Openclaw Openclaw

CVE-2026-35629Same product: Openclaw Openclaw

CVE-2026-31989Same product: Openclaw Openclaw

CVE-2026-41912Same product: Openclaw Openclaw

CVE-2026-22181Same product: Openclaw Openclaw

CVE-2026-28476Same product: Openclaw Openclaw

CVE-2026-6011Same product: Openclaw Openclaw

CVE-2026-41914Same product: Openclaw Openclaw

References

https://github.com/openclaw/openclaw/commit/024f4614a1a1831406e763adc40ef226e3d5e9ed
Patch · disclosure@vulncheck.com
https://github.com/openclaw/openclaw/commit/1dabfef28db523e7de81edeb3dd689e9171236a2
Patch · disclosure@vulncheck.com
https://github.com/openclaw/openclaw/commit/213c36cf51121ef6c05cfccd78037371f968f31a
Patch · disclosure@vulncheck.com
https://github.com/openclaw/openclaw/commit/7eecfa411df3d12e6b810e6ca5df47254fc3db3f
Patch · disclosure@vulncheck.com
https://github.com/openclaw/openclaw/security/advisories/GHSA-53vx-pmqw-863c
Vendor Advisory · disclosure@vulncheck.com
https://www.vulncheck.com/advisories/openclaw-server-side-request-forgery-via-private-network-navigation
Third Party Advisory · disclosure@vulncheck.com