CVE-2026-22174

MEDIUM 5.7 · EPSS 0.03%

OpenClaw Loopback CDP probe can leak Gateway token to local listener

Published: 2026/3/3 · Modified: 2026/3/18

Description

### Summary

A local process can capture the OpenClaw Gateway auth token from Chrome CDP probe traffic on loopback.

### Details

Affected versions inject `x-openclaw-relay-token` for loopback CDP URLs, and CDP reachability probes send that header to `/json/version`. If an attacker controls the probed loopback port, they can read that token and reuse it as Gateway bearer auth.

Relevant code paths (pre-fix):

- `src/browser/extension-relay.ts` (`getChromeExtensionRelayAuthHeaders`)
- `src/browser/cdp.helpers.ts` (`getHeadersWithAuth`)
- `src/browser/chrome.ts` (`fetchChromeVersion`)

### Affected Packages / Versions

- Package: `openclaw` (npm)
- Latest published (at triage): `2026.2.21-2`
- Vulnerable: `<= 2026.2.21-2`
- Patched: `>= 2026.2.22`

### Deployment Model Applicability

This does **not** change OpenClaw’s documented security model for standard single-owner installs (you own the machine/VPS and trust local processes under that OS account boundary). Risk is for **non-standard shared-user/shared-host installs** where an untrusted local user/process can race/bind the loopback relay port.

### Impact

- Local credential disclosure.
- Follow-on impact depends on local deployment and enabled Gateway capabilities.

### Fix Commit(s)

- `afa22acc4a09fdf32be8a167ae216bee85c30dad`

### Release Process Note

Patched version is set to `>= 2026.2.22` for the published release.

OpenClaw thanks @tdjackey for reporting.
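The defect above is a credential-scoping problem: the relay token is attached to every loopback CDP request, so an unauthenticated reachability probe hands it to whatever is bound on that port. The following is an added illustration written for this page, not OpenClaw's code or its actual fix commit; the function names, the `relayVerified` flag, the port and the token value are all constructed assumptions.

```javascript
// Constructed sample value, not a real credential.
const RELAY_TOKEN = "constructed-example-token";

function isLoopback(url) {
  const host = new URL(url).hostname;
  return host === "127.0.0.1" || host === "localhost" || host === "::1" || host === "[::1]";
}

// Vulnerable pattern described in the advisory (hypothetical reconstruction):
// any loopback CDP URL gets the relay token, including the unauthenticated
// /json/version reachability probe sent before the listener is known to be ours.
function headersVulnerable(url) {
  const headers = { accept: "application/json" };
  if (isLoopback(url)) headers["x-openclaw-relay-token"] = RELAY_TOKEN;
  return headers;
}

// Hardened variant (an assumed mitigation, not the project's fix): the token is
// attached only once the caller has established that the listener is the
// expected relay; the first reachability probe never carries it.
function headersHardened(url, { relayVerified = false } = {}) {
  const headers = { accept: "application/json" };
  if (isLoopback(url) && relayVerified) headers["x-openclaw-relay-token"] = RELAY_TOKEN;
  return headers;
}

// Stand-in for an untrusted local process bound to the probed port: it simply
// records the token header it receives, or null if none was sent.
function tokenSeenByListener(headers) {
  return headers["x-openclaw-relay-token"] ?? null;
}

const PROBE_URL = "http://127.0.0.1:9222/json/version"; // constructed port
console.log("vulnerable probe leaks:", tokenSeenByListener(headersVulnerable(PROBE_URL)));
console.log("hardened probe leaks:", tokenSeenByListener(headersHardened(PROBE_URL)));
```

The vulnerable probe prints the token; the hardened one prints `null`, and the token appears only on later requests made with `relayVerified: true`.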

Affected packages (1)

CVSS score

| Source | Version | Severity | Vector |
| --- | --- | --- | --- |
| osv | CVSS 3.1 | MEDIUM 5.7 | CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N |

References (5)