TechFlow News: On March 22, according to JINSHI Data, the Qihoo 360 Cloud Security Team received an official email from Peter, founder of OpenClaw. In his reply, Peter officially confirmed the OpenClaw Gateway WebSocket unauthenticated upgrade vulnerability, which was exclusively discovered by the Qihoo 360 team. Qihoo 360 has already reported this critical vulnerability to the China National Vulnerability Database (CNVD) to help cut off the risk source across the network as soon as possible. This confirmed WebSocket unauthenticated upgrade vulnerability is a zero-day (0Day) vulnerability; attackers can exploit it to silently bypass authentication via WebSocket and gain control over the agent gateway, potentially leading to resource exhaustion or complete system collapse.
Risk Disclosure: This website's content is not investment advice and offers no trading guidance or related services. Per regulations from the PBOC and other authorities, users must be aware of virtual currency risks. Contact us / support@techflowpost.com ICP License: 琼ICP备2022009338号
