New: Corgea AI Pentesting — autonomous penetration testing in hours, not weeks
HIGH 7.7 npm

OpenClaw's browser act interactions could bypass private-network navigation checks

GHSA-2hfg-4fh4-qp7f · CVE-2026-53812

Published · Modified

Description

Summary

OpenClaw's browser control SSRF checks blocked direct navigation to private or loopback URLs, but some Playwright act interactions could trigger navigation after the initial check. A later browser evaluation could then read from the page reached by that action-triggered navigation.

This issue is specific to browser control actions and private-network navigation policy. Browser evaluation remains an intentional trusted-operator feature when it is used on pages that policy allowed the browser to visit.

Affected configurations

This affects deployments where browser control is enabled and an authenticated browser-control caller can interact with an attacker-controlled page that redirects or navigates the tab to a private-network target through a UI action.

Impact

If the browser reached a private page through an unchecked action-triggered navigation, a caller with browser evaluation capability could read page content that direct navigation policy would have blocked.

The issue does not grant access to OpenClaw without authentication. It bypasses the private-network navigation guard for a specific browser action path.

Patched Versions

The first stable patched version is 2026.5.18.

Mitigations

Upgrade to openclaw@2026.5.18 or later. Before upgrading, restrict browser-control access to trusted operators and avoid using browser control on untrusted pages in environments with sensitive private web services.

Ready to move

Start Securing

Free, no credit card | First findings in minutes