HIGH SEVERITY
CLAWJACKED ATTACK CHAIN
Zero-Click WebSocket Exploit  |  OpenClaw AI Agent Hijacking
CVE-2026-25253
ATTACKER
new WebSocket(
  'ws://localhost'
  + ':18789')
NO ORIGIN CHECK
BYPASSES CORS
OPENCLAW GATEWAY
auto_pair:   true
rate_limit:  OFF
origin_check: NONE
SHADOW DEVICE AUTO-PAIRED
FULL WORKSTATION COMPROMISE
Gmail OAuth   → EXFILTRATED
Slack OAuth   → EXFILTRATED
GitHub OAuth  → EXFILTRATED
Shell Access  → ACTIVE
$ grep 'device_register' gateway.log
[02:14:03] WebSocket connected  origin: evil.com
[02:14:03] device_register: shadow_device_01
[02:14:04] brute_force: 847 attempts/sec
[02:14:04] access: FULL CONTROL GRANTED
7 CVEs IN 30 DAYS
40K+ SYSTEMS COMPROMISED
0 CLICKS REQUIRED