SecurityScorecard's STRIKE team on Monday reported more than 135,000 internet-exposed OpenClaw instances, up from about 40,000 earlier the same day, and over 50,000 vulnerable to a known RCE bug. STRIKE says default network bindings and insecure skills have turned the open-source agent into a high-value attack vector, urging immediate configuration changes and cautious organizational deployment.
Key Points
- Finds more than 135,000 internet-facing OpenClaw instances, with RCE-vulnerable systems soaring above 50,000
- Warns that default network bindings and insecure skill extensions create high-value targets exploitable at scale
- Advises changing the binding to localhost, testing in isolated VMs, and limiting the agent's data and external access
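The first mitigation above is a binding check that any operator can script. The following is an added example (not code from SecurityScorecard, STRIKE or the OpenClaw project): it parses Linux `ss -tlnp` output and flags every listener bound to a wildcard address rather than loopback, which is the "default network binding" pattern the report warns about. The sample output, process names and port numbers are constructed for the demonstration; OpenClaw's real port and process name are not given on this page.

```python
"""Flag listening TCP sockets bound to all interfaces rather than loopback.

Added example, not part of the SecurityScorecard report or the OpenClaw project.
It parses the output format of `ss -tlnp` (Linux) and returns the entries whose
local address is a wildcard (0.0.0.0, ::, or *). Sample data below is constructed.
"""
import re
import subprocess

# Wildcard local addresses: anything bound here is reachable from every interface.
WILDCARD_HOSTS = {"0.0.0.0", "::", "*"}

# Constructed sample in `ss -tlnp` layout (hypothetical process names and ports).
SAMPLE_SS_OUTPUT = """State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      128    127.0.0.1:18789    0.0.0.0:*         users:(("agent",pid=1201,fd=7))
LISTEN 0      128    0.0.0.0:18790      0.0.0.0:*         users:(("agent",pid=1201,fd=8))
LISTEN 0      128    [::]:22            [::]:*            users:(("sshd",pid=700,fd=3))
LISTEN 0      128    *:8080             *:*               users:(("gateway",pid=1300,fd=5))
"""


def split_host_port(addr: str):
    """Split 'host:port', including bracketed IPv6 like '[::]:22', into (host, port)."""
    host, _, port = addr.rpartition(":")
    return host.strip("[]"), port


def parse_ss(output: str):
    """Return one dict per LISTEN row: local host, port and process name (or None)."""
    rows = []
    for line in output.splitlines()[1:]:  # first line is the column header
        parts = line.split()
        if len(parts) < 5 or parts[0] != "LISTEN":
            continue
        host, port = split_host_port(parts[3])
        m = re.search(r'\(\("([^"]+)"', line)  # process name inside users:(("name",...))
        rows.append({"host": host, "port": port, "process": m.group(1) if m else None})
    return rows


def exposed_listeners(output: str):
    """Return the listeners bound to a wildcard address, i.e. reachable off-host."""
    return [r for r in parse_ss(output) if r["host"] in WILDCARD_HOSTS]


def audit_live():
    """Run `ss -tlnp` on this host and return its exposed listeners (Linux only)."""
    out = subprocess.run(["ss", "-tlnp"], capture_output=True, text=True, check=True).stdout
    return exposed_listeners(out)


if __name__ == "__main__":
    for r in exposed_listeners(SAMPLE_SS_OUTPUT):
        print(f"port {r['port']} ({r['process']}) bound to {r['host']}: restrict to 127.0.0.1")
```

Running the script against the constructed sample reports three exposed listeners and leaves the loopback-bound one alone; `audit_live()` applies the same check to the current host. A listener that must stay reachable should then be fronted by authentication and a host firewall rule rather than left on the wildcard address.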
Scoring Rationale
High urgency and broad organizational impact drive the score; limited novel vulnerabilities beyond rapidly escalating exposure counts reduces uniqueness.
Sources
Public references used for this report.