#password-brute-force

[ follow ]
#ai-security-vulnerability #openclaw #localhost-exploitation #websocket-security #ai-security #vulnerability
Information security
fromSecurityWeek
2 weeks ago

OpenClaw Vulnerability Allowed Websites to Hijack AI Agents

OpenClaw AI assistant vulnerability allowed attackers to hijack agents through malicious websites by exploiting localhost assumptions and rate limiter exemptions for loopback connections.
Information security
fromThe Hacker News
3 weeks ago

ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket

OpenClaw fixed a high-severity vulnerability allowing malicious websites to hijack locally running AI agents through password brute-forcing and unauthorized device registration.
[ Load more ]