OpenClaw versions prior to 2026.2.21 improperly parse the left-most X-Forwarded-For header value when requests originate from configured…
VulnCheck·CWE-345·Published 2026-03-03
OpenClaw versions prior to 2026.2.21 improperly parse the left-most X-Forwarded-For header value when requests originate from configured trusted proxies, allowing attackers to spoof client IP addresses. In proxy chains that append or preserve header values, attackers can inject malicious header content to influence security decisions including authentication rate-limiting and IP-based access controls.
### Summary

OpenClaw used left-most `X-Forwarded-For` values when requests came from configured trusted proxies. The left-most entry is whatever the original sender wrote, so in proxy chains that append or preserve inbound header values, attacker-controlled header content could influence security decisions tied to client IP.

### Affected Packages / Versions

- Package: `openclaw` (npm)
- Affected: `<= 2026.2.19-2`
- Patched: `2026.2.21` (planned next release)

### Impact

Possible client-IP spoofing in security-sensitive paths (for example auth rate-limit identity and local/private classification) for deployments behind trusted proxies with non-recommended forwarding behavior.

### Scope Note

OpenClaw docs recommend that reverse proxies overwrite (not append to or preserve) inbound forwarding headers. A proxy that overwrites the header discards whatever the client sent, so deployments that follow that guidance are not exposed to client-supplied values; this reduces severity.

### Fix Commit(s)

- `07039dc089e51589a213ec0d16f8d6f2cd871fa1`
- `8877bfd11ec7760b115b2d0d7500a45da2749747`

### Release Process Note

`patched_versions` is pre-set to the planned next release (`2026.2.21`). After the npm release is out, publish this advisory.

OpenClaw thanks @AnthonyDiSanti for reporting.
| CVSS version | Type | Source | Base score | Exploitability subscore | Impact subscore | Vector |
|---|---|---|---|---|---|---|
| 3.1 | Primary | cve.org | 5.3 | — | — | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
| 3.1 | Primary | NVD | 5.3 | 3.9 | 1.4 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
| 3.1 | Secondary | GHSA | 5.3 | — | — | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
| 3.1 | Secondary | NVD | 5.3 | 3.9 | 1.4 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
| 4.0 | Primary | cve.org | 6.3 | — | — | CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
| 4.0 | Secondary | GHSA | 6.3 | — | — | CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
| 4.0 | Secondary | NVD | 6.3 | — | — | CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |