『OpenClaw安全』CVE-2026-25253:ClawJacked One-Click RCE

环境

使用漏洞修复前一个版本

https://github.com/openclaw/openclaw/tree/v2026.1.24

按照官方教程安装，此时老版本还是叫clawdbot

cd openclaw-2026.1.24
pnpm install
pnpm ui:build
pnpm build
pnpm setup
source ~/.zshrc
pnpm link --global
clawdbot onboard --install-daemon
clawdbot doctor
clawdbot doctor --fix
clawdbot gateway status

http://domain:18789/?token=xxx跳转成功

PoC

确保gatewayUrl可用

ws监听+one-click集成

参考

• https://hackers-arise.com/cve-2026-25253-how-malicious-links-can-steal-authentication-tokens-and-compromise-openclaw-ai-systems/
• https://www.sonicwall.com/blog/openclaw-auth-token-theft-leading-to-rce-cve-2026-25253
• https://github.com/ethiack/moltbot-1click-rce
• https://www.secrss.com/articles/88425