
OpenClaw Exposes Over 135,000 Internet-Facing Instances

By LDS Team
Relevance Score: 9.2

SecurityScorecard's STRIKE team on Monday reported more than 135,000 internet-exposed OpenClaw instances, up from about 40,000 earlier the same day, and more than 50,000 instances vulnerable to a known RCE bug. STRIKE says default network bindings and insecure skills have turned the open-source agent into a high-value attack vector, and it urges immediate configuration changes and cautious organizational deployment.

Key Points

  • Finds more than 135,000 internet-facing OpenClaw instances, with RCE-vulnerable systems soaring above 50,000
  • Warns that default network bindings and insecure skill extensions create high-value targets exploitable at scale
  • Advises changing the binding to localhost, testing in isolated VMs, and limiting agent data and external access

Scoring Rationale

High urgency and broad organizational impact drive the score; limited novel vulnerabilities beyond the rapidly escalating exposure counts reduce uniqueness.
