PANews|3月 22, 2026 09:07
[OpenClaw Founder Responds to Confirm 360's Exclusive Discovery of Vulnerability]
According to Jinshi reports, the 360 Security Cloud team received an official email from OpenClaw founder Peter. In his reply, Peter formally confirmed the exclusive discovery by the 360 team of the OpenClaw Gateway WebSocket unauthenticated upgrade vulnerability.
Currently, 360 has reported this high-risk vulnerability to the National Vulnerability Database of Information Security (CNVD), assisting in cutting off the risk source across the network at the earliest possible time. The confirmed WebSocket unauthenticated upgrade vulnerability is classified as a zero-day (0Day) vulnerability, which attackers can exploit to silently bypass authentication via WebSocket, gain control of the intelligent gateway, and potentially cause resource exhaustion or complete system collapse of the target system.
Share To
Timeline
HotFlash
APP
X
Telegram
CopyLink