Improper Restriction of Excessive Authentication Attempts in OpenClaw - #VU125128


Published: April 8, 2026


Vulnerability identifier: #VU125128
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: N/A
CWE-ID: CWE-307
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: OpenClaw
Affected software:
OpenClaw

Detailed vulnerability description

The vulnerability allows a remote attacker to cause a denial of service.

The vulnerability exists due to improper restriction of excessive authentication attempts in the hooks HTTP handler when handling non-POST requests to /hooks/*. A remote attacker can send repeated non-POST requests with an invalid token to cause a denial of service.

Impact is limited to temporary availability loss for hook-triggered wake or automation delivery, and exploitation may affect legitimate webhook delivery when requests collapse to the same hook auth client key, such as in shared proxy or NAT topologies.
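The following is an added illustration of the failure mode the description outlines; it is not OpenClaw's code and makes no claim about how the project's hooks handler is actually written. It models a `/hooks/*` endpoint whose failed-authentication limiter is keyed per client (the "hook auth client key", assumed here to derive from the source address), and contrasts a handler that evaluates the token before the request method with one that rejects non-POST requests first. The threshold, the token value, the key derivation and all request data are constructed assumptions.

```typescript
// Added example (not OpenClaw's code). Models a hook endpoint with a per-client
// failed-auth limiter and shows why counting non-POST requests against that
// budget lets unauthenticated traffic block legitimate webhook delivery for
// everyone who shares the same client key (shared proxy / NAT).

interface HookRequest {
  method: string;     // HTTP method
  path: string;       // request path, e.g. "/hooks/wake"
  clientKey: string;  // assumed "hook auth client key", e.g. derived from source IP
  token?: string;     // shared secret presented by the caller
}

interface HookResponse {
  status: number;
  reason: string;
}

const MAX_FAILED_ATTEMPTS = 5;                // assumed lockout threshold
const HOOK_TOKEN = "constructed-hook-secret"; // constructed placeholder secret

// Counts failed authentication attempts per client key; once the threshold is
// reached, further requests from that key are refused.
class FailedAuthLimiter {
  private failures = new Map<string, number>();

  isBlocked(key: string): boolean {
    return (this.failures.get(key) ?? 0) >= MAX_FAILED_ATTEMPTS;
  }

  recordFailure(key: string): void {
    this.failures.set(key, (this.failures.get(key) ?? 0) + 1);
  }
}

// Constant-time comparison of the presented token against the configured one
// (length is still observable; acceptable for this illustration).
function tokenMatches(presented: string | undefined): boolean {
  if (presented === undefined || presented.length !== HOOK_TOKEN.length) return false;
  let diff = 0;
  for (let i = 0; i < HOOK_TOKEN.length; i++) {
    diff |= presented.charCodeAt(i) ^ HOOK_TOKEN.charCodeAt(i);
  }
  return diff === 0;
}

type HookHandler = (req: HookRequest, limiter: FailedAuthLimiter) => HookResponse;

// Pattern 1 (the failure mode described in the advisory): the token is checked,
// and failures recorded, before the method is validated. A GET carrying a bad
// token consumes the shared client's failure budget even though a GET could
// never have triggered the hook.
function handleAuthBeforeMethod(req: HookRequest, limiter: FailedAuthLimiter): HookResponse {
  if (!req.path.startsWith("/hooks/")) return { status: 404, reason: "not a hook path" };
  if (limiter.isBlocked(req.clientKey)) return { status: 429, reason: "too many failed attempts" };
  if (!tokenMatches(req.token)) {
    limiter.recordFailure(req.clientKey);
    return { status: 401, reason: "invalid token" };
  }
  if (req.method !== "POST") return { status: 405, reason: "method not allowed" };
  return { status: 200, reason: "hook delivered" };
}

// Pattern 2 (hardened): reject unsupported methods before any credential is
// evaluated, so non-POST traffic neither exercises token validation nor counts
// against the failure budget of everyone behind the same client key.
function handleMethodBeforeAuth(req: HookRequest, limiter: FailedAuthLimiter): HookResponse {
  if (!req.path.startsWith("/hooks/")) return { status: 404, reason: "not a hook path" };
  if (req.method !== "POST") return { status: 405, reason: "method not allowed" };
  if (limiter.isBlocked(req.clientKey)) return { status: 429, reason: "too many failed attempts" };
  if (!tokenMatches(req.token)) {
    limiter.recordFailure(req.clientKey);
    return { status: 401, reason: "invalid token" };
  }
  return { status: 200, reason: "hook delivered" };
}

// Constructed scenario: an unauthenticated sender and a legitimate webhook source
// sit behind the same NAT, so their requests collapse to one clientKey. Returns
// the status the legitimate POST receives after `noiseRequests` token-less GETs.
function legitimateStatusAfterNoise(handler: HookHandler, noiseRequests: number): number {
  const limiter = new FailedAuthLimiter();
  const sharedKey = "nat-203.0.113.7"; // constructed client key (documentation range)
  for (let i = 0; i < noiseRequests; i++) {
    handler({ method: "GET", path: "/hooks/wake", clientKey: sharedKey }, limiter);
  }
  const legit = handler(
    { method: "POST", path: "/hooks/wake", clientKey: sharedKey, token: HOOK_TOKEN },
    limiter,
  );
  return legit.status;
}

console.log("auth-before-method:", legitimateStatusAfterNoise(handleAuthBeforeMethod, 5)); // 429
console.log("method-before-auth:", legitimateStatusAfterNoise(handleMethodBeforeAuth, 5)); // 200
```

Checking the method before touching credentials removes the cheapest way to exhaust the budget, which is the fix the advisory's description points at. It does not change the fact that genuine failed POSTs from one party still count against everyone sharing that key, so in proxied or NAT'd deployments the choice of what the limiter is keyed on deserves the same review as the ordering of checks.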


Remediation

Install security update from vendor's website.

Sources