135,000+ OpenClaw instances exposed to the internet, researchers warn
SecurityScorecard STRIKE found more than 135,000 internet-facing OpenClaw instances, many vulnerable to known RCE bugs and linked to prior breaches, driven by unsafe defaults and malicious skills.
- STRIKE detected over 135,000 internet-facing OpenClaw instances, up from about 40,000 when the report was first published.
- More than 50,000 instances are now vulnerable to a known remote code execution bug, rising from 12,812 in the initial report.
- Instances linked to previously reported breaches increased from 549 to over 53,000 as detections climbed.
- Out of the box, OpenClaw binds to 0.0.0.0:18789, which exposes the agent on every network interface instead of only on localhost.
- The OpenClaw skill store is reported to host malicious extensions, and recent CVEs can expose API keys, credit card data, and personal information.
- Researchers recommend rebinding the service to localhost, testing deployments in isolated virtual machines, and limiting the agent's access before deploying it in an organization.
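The unsafe default above is easy to verify on a host before exposing it. The following is an added example, not code from the report or from the OpenClaw project: it parses listener lines in the format `ss -ltnH` prints and flags any socket on the default port that is bound to a wildcard or non-loopback address rather than to loopback. The `ss` sample lines are constructed, and the port 18789 is the default cited in the report; the function and variable names are this example's own.

```python
"""Flag listeners that accept connections on every interface.

Added example (not from the report or OpenClaw). Works on lines in the
format produced by `ss -ltnH` (no header):
    State Recv-Q Send-Q Local-Address:Port Peer-Address:Port
"""
import ipaddress

OPENCLAW_DEFAULT_PORT = 18789  # default bind port cited in the report

# Constructed sample. Line 1 is the unsafe default from the report, line 2 the
# recommended loopback binding, line 3 an IPv6 wildcard bind that is just as
# exposed, and the last two are unrelated services for contrast.
SAMPLE_SS_OUTPUT = """\
LISTEN 0 4096 0.0.0.0:18789 0.0.0.0:*
LISTEN 0 4096 127.0.0.1:18789 0.0.0.0:*
LISTEN 0 4096 [::]:18789 [::]:*
LISTEN 0 128 127.0.0.1:631 0.0.0.0:*
LISTEN 0 511 *:8080 *:*
"""


def split_local_address(field):
    """Split an ss local-address field ('0.0.0.0:18789', '[::]:18789',
    '*:8080') into (host, port)."""
    host, _, port = field.rpartition(":")
    return host.strip("[]"), int(port)


def is_wildcard(host):
    """True when the bind address accepts traffic on every interface."""
    if host in ("*", ""):
        return True
    try:
        return ipaddress.ip_address(host).is_unspecified
    except ValueError:
        return False


def is_loopback(host):
    """True when the bind address is reachable only from the host itself."""
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return host == "localhost"


def classify_listeners(ss_output, port=OPENCLAW_DEFAULT_PORT):
    """Return [(host, kind)] for every LISTEN socket on `port`, where kind is
    'wildcard', 'loopback' or 'interface' (bound to one specific non-loopback
    address, still reachable from the network)."""
    result = []
    for line in ss_output.splitlines():
        parts = line.split()
        if len(parts) < 5 or parts[0] != "LISTEN":
            continue
        host, lport = split_local_address(parts[3])
        if lport != port:
            continue
        if is_wildcard(host):
            kind = "wildcard"
        elif is_loopback(host):
            kind = "loopback"
        else:
            kind = "interface"
        result.append((host, kind))
    return result


def exposed_listeners(ss_output, port=OPENCLAW_DEFAULT_PORT):
    """Bind addresses on `port` that other hosts can reach."""
    return [h for h, kind in classify_listeners(ss_output, port)
            if kind != "loopback"]


if __name__ == "__main__":
    # On a live host: ss -ltnH | python3 this_script.py  (reads stdin)
    import sys
    data = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_SS_OUTPUT
    for host, kind in classify_listeners(data):
        print(f"{host}:{OPENCLAW_DEFAULT_PORT} -> {kind}")
    bad = exposed_listeners(data)
    print("EXPOSED" if bad else "ok", bad)
```

The IPv6 case is the one people miss: a service rebound from `0.0.0.0` to `127.0.0.1` is still network-reachable if it also listens on `[::]`, so the check treats any unspecified address in either family as a wildcard bind.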