CVE-2026-28458 Overview
OpenClaw versions from 2026.1.20 up to, but not including, 2026.2.1 contain a missing-authentication vulnerability (CWE-306) in the Browser Relay extension's /cdp WebSocket endpoint. When the Browser Relay extension is installed and enabled, the endpoint does not require an authentication token, so a malicious website loaded in the victim's browser can connect to it over the loopback interface and access sensitive data. Attackers can exploit this by connecting to ws://127.0.0.1:18792/cdp to steal session cookies and execute JavaScript in other browser tabs.
Critical Impact
Attackers can steal session cookies and execute arbitrary JavaScript in other browser tabs by exploiting the unauthenticated WebSocket endpoint, potentially leading to complete session compromise and cross-tab code execution.
Affected Products
- OpenClaw versions from 2026.1.20 up to, but not including, 2026.2.1
- OpenClaw Browser Relay extension (when installed and enabled)
Discovery Timeline
- 2026-03-05 - CVE-2026-28458 published to NVD
- 2026-03-05 - Last updated in NVD database
Technical Details for CVE-2026-28458
Vulnerability Analysis
This vulnerability stems from a fundamental authentication bypass in OpenClaw's Browser Relay extension. The /cdp WebSocket endpoint, which provides Chrome DevTools Protocol (CDP) access, fails to implement any authentication mechanism. This design flaw allows any local process or website to establish a WebSocket connection to the loopback address without presenting valid credentials.
The attack requires user interaction (the user must visit a malicious website), and the Browser Relay extension must be installed and enabled. Once these conditions are met, an attacker-controlled webpage can programmatically connect to the local WebSocket endpoint and leverage CDP capabilities to interact with the victim's browser session.
Root Cause
The root cause is Missing Authentication for Critical Function (CWE-306). The Browser Relay extension exposes a WebSocket endpoint at ws://127.0.0.1:18792/cdp that provides access to powerful browser debugging capabilities without requiring any form of authentication token or session validation. This allows unauthorized connections from any origin that can reach the loopback interface.
Attack Vector
The attack leverages network access through the loopback interface. A malicious website visited by the victim can establish a WebSocket connection to ws://127.0.0.1:18792/cdp. Through this connection, the attacker gains access to Chrome DevTools Protocol functionality, enabling:
- Session Cookie Theft: Extracting authentication cookies from the browser's storage
- Cross-Tab JavaScript Execution: Injecting and executing malicious JavaScript in other open browser tabs
- Sensitive Data Exfiltration: Accessing data from other browsing contexts
The vulnerability requires user interaction (visiting a malicious site) and the presence of the vulnerable extension, but once exploited, provides significant access to the victim's browser session. For detailed technical information, see the GitHub Security Advisory.
Detection Methods for CVE-2026-28458
Indicators of Compromise
- Unexpected WebSocket connections to 127.0.0.1:18792 from browser processes
- Network traffic showing WebSocket upgrade requests to the /cdp endpoint from external origins
- JavaScript execution or cookie access patterns that don't correlate with normal user activity
- Browser console logs indicating CDP connections from unauthorized sources
Detection Strategies
- Monitor local network traffic for WebSocket connections targeting port 18792 on the loopback interface
- Implement browser extension activity logging to detect unauthorized CDP endpoint access
- Deploy endpoint detection rules to identify processes establishing connections to the vulnerable WebSocket endpoint
- Review browser extension permissions and activity logs for anomalous behavior patterns
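The detection strategies above come down to one question: did a WebSocket upgrade to the relay's /cdp endpoint on port 18792 come from the extension, or from a web page? A page-initiated connection carries an http:// or https:// Origin header, which the browser sets and the page cannot forge, whereas the relay's own extension would present an extension origin. The following script is an added example, not code from OpenClaw or from this advisory; it runs that check over a constructed JSON request log. The log format, the extension id, the allowed origin schemes and the sample origins are assumptions made for the example.

```javascript
// Added example, not code from OpenClaw or the advisory: flag WebSocket
// upgrade requests to the Browser Relay's /cdp endpoint that come from an
// ordinary web page. A page-initiated connection carries an http:// or https://
// Origin header; the relay's own extension would present an extension origin.
// The log format, extension id and origins below are constructed for this example.

const RELAY_PORT = 18792;
const CDP_PATH = '/cdp';

// Origin schemes the relay would legitimately be contacted from (assumption).
const ALLOWED_ORIGIN_SCHEMES = new Set(['chrome-extension:', 'moz-extension:']);

// Constructed sample log: one JSON record per HTTP request observed on loopback.
const SAMPLE_LOG = [
  '{"ts":"2026-03-05T10:00:01Z","src":"127.0.0.1:51044","host":"127.0.0.1:18792","path":"/cdp","upgrade":"websocket","origin":"chrome-extension://abcdefghijklmnopabcdefghijklmnop"}',
  '{"ts":"2026-03-05T10:00:07Z","src":"127.0.0.1:51090","host":"127.0.0.1:18792","path":"/cdp","upgrade":"websocket","origin":"https://attacker.example"}',
  '{"ts":"2026-03-05T10:00:09Z","src":"127.0.0.1:51102","host":"127.0.0.1:18792","path":"/health","upgrade":"","origin":"https://attacker.example"}',
  '{"ts":"2026-03-05T10:00:12Z","src":"127.0.0.1:51110","host":"localhost:18792","path":"/cdp","upgrade":"websocket","origin":"http://localhost:8080"}',
  '{"ts":"2026-03-05T10:00:15Z","src":"127.0.0.1:51121","host":"127.0.0.1:18792","path":"/cdp","upgrade":"websocket"}',
  'malformed line that the parser must skip',
];

// Parse one record; returns null for anything that is not a JSON object.
function parseRecord(line) {
  try {
    const r = JSON.parse(line);
    return r && typeof r === 'object' ? r : null;
  } catch {
    return null;
  }
}

// Returns a finding reason for a suspicious /cdp upgrade, or null if benign.
function classifyRecord(r) {
  const port = Number((r.host || '').split(':').pop());
  if (port !== RELAY_PORT || r.path !== CDP_PATH) return null;
  if ((r.upgrade || '').toLowerCase() !== 'websocket') return null;
  if (!r.origin) return 'cdp-upgrade-without-origin'; // non-browser client or stripped header
  let scheme;
  try {
    scheme = new URL(r.origin).protocol;
  } catch {
    return 'cdp-upgrade-malformed-origin';
  }
  return ALLOWED_ORIGIN_SCHEMES.has(scheme) ? null : 'cdp-upgrade-from-web-origin';
}

// Scan a list of log lines and collect findings.
function scanLog(lines) {
  const findings = [];
  for (const line of lines) {
    const r = parseRecord(line);
    if (!r) continue;
    const reason = classifyRecord(r);
    if (reason) findings.push({ ts: r.ts, src: r.src, origin: r.origin || null, reason });
  }
  return findings;
}

console.log(JSON.stringify(scanLog(SAMPLE_LOG), null, 2));
```

On the constructed log this reports three findings: the two /cdp upgrades with http or https origins and the one with no Origin header at all (a non-browser client). The health-check request and the extension-originated upgrade are ignored. To use it against real telemetry, map your proxy or extension log fields onto the record shape above and put the relay extension's actual origin scheme in ALLOWED_ORIGIN_SCHEMES.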
Monitoring Recommendations
- Configure SentinelOne agents to monitor for suspicious loopback WebSocket traffic patterns
- Enable detailed browser extension telemetry to capture connection attempts to local debugging endpoints
- Set up alerts for unexpected cross-origin WebSocket connections originating from browser tabs
- Implement network segmentation monitoring to detect lateral movement attempts following credential theft
How to Mitigate CVE-2026-28458
Immediate Actions Required
- Update OpenClaw to version 2026.2.1 or later immediately
- If immediate patching is not possible, disable the Browser Relay extension until the update can be applied
- Audit browser sessions for potential compromise and rotate session tokens for sensitive applications
- Review browser extension inventory to identify affected installations across the organization
Patch Information
OpenClaw has released a security fix in version 2026.2.1 that addresses the missing authentication issue in the Browser Relay's /cdp WebSocket endpoint. The patch introduces proper authentication token validation for WebSocket connections. For details on the fix implementation, refer to the GitHub Commit Update.
Workarounds
- Disable the OpenClaw Browser Relay extension until the patched version can be deployed
- Configure local firewall rules to block incoming connections to port 18792 from non-local sources
- Implement browser policies to restrict extension network capabilities where possible
- Use network monitoring tools to detect and alert on connection attempts to the vulnerable endpoint
# Example: block external access to the vulnerable port (Linux iptables)
# Note: this does not prevent attacks from pages running in the local browser,
# since those connections also arrive from 127.0.0.1 and match the ACCEPT rule;
# it only adds defense in depth against other hosts on the network.
# Rule order matters: the ACCEPT for loopback must precede the DROP.
iptables -A INPUT -p tcp --dport 18792 -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -p tcp --dport 18792 -j DROP
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

