#VU125128 Improper Restriction of Excessive Authentication Attempts in OpenClaw

Published: April 8, 2026


Vulnerability identifier: #VU125128
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: N/A
CWE-ID: CWE-307
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software:
OpenClaw
Software vendor:
OpenClaw

Description

The vulnerability allows a remote attacker to cause a denial of service.

The vulnerability exists due to improper restriction of excessive authentication attempts in the hooks HTTP handler when handling non-POST requests to /hooks/*. A remote attacker can send repeated non-POST requests with an invalid token to cause a denial of service.

Impact is limited to temporary availability loss for hook-triggered wake or automation delivery, and exploitation may affect legitimate webhook delivery when requests collapse to the same hook auth client key, such as in shared proxy or NAT topologies.
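The following is an added illustrative model, not OpenClaw's code: a minimal TypeScript guard for POST /hooks/* deliveries with a per-client failed-authentication counter and lockout threshold (both assumed from the advisory's "hook auth client key" wording), showing why the method check has to come before the token is read or a failure is recorded. Class, function and sample values are constructed for the example.

```typescript
// Illustrative model, not OpenClaw's code. A per-client failed-auth counter
// with a lockout threshold (both assumed from the advisory's wording) guards
// POST /hooks/* deliveries. `rejectNonPostBeforeAuth` selects the ordering:
// true  = method rejected before the token is read or a failure is recorded;
// false = weak ordering, where a bad token on a GET/PUT still counts.
interface HookRequest { method: string; path: string; token?: string; clientKey: string; }
interface HookResponse { status: number; reason: string; }

const MAX_FAILURES = 5;                          // assumed lockout threshold
const HOOK_TOKEN = "constructed-sample-token";   // constructed sample secret

class HookAuthGuard {
  private readonly failures = new Map<string, number>();
  private readonly rejectNonPostBeforeAuth: boolean;

  constructor(rejectNonPostBeforeAuth: boolean) {
    this.rejectNonPostBeforeAuth = rejectNonPostBeforeAuth;
  }

  failureCount(clientKey: string): number {
    return this.failures.get(clientKey) ?? 0;
  }

  handle(req: HookRequest): HookResponse {
    if (!req.path.startsWith("/hooks/")) return { status: 404, reason: "not found" };
    // Hardened ordering: a non-POST request can never be a valid delivery,
    // so it is refused before the auth path and the counter are touched.
    if (this.rejectNonPostBeforeAuth && req.method !== "POST") {
      return { status: 405, reason: "method not allowed" };
    }
    if (this.failureCount(req.clientKey) >= MAX_FAILURES) {
      return { status: 429, reason: "too many failed authentication attempts" };
    }
    if (req.token !== HOOK_TOKEN) {
      this.failures.set(req.clientKey, this.failureCount(req.clientKey) + 1);
      return { status: 401, reason: "invalid token" };
    }
    // Weak ordering: the method is only checked after the token, so bad-token
    // non-POST requests have already consumed the client's failure budget.
    if (req.method !== "POST") return { status: 405, reason: "method not allowed" };
    return { status: 200, reason: "delivered" };
  }
}

// Scenario from the advisory: invalid non-POST requests and a legitimate
// delivery share one client key (e.g. the same proxy or NAT egress address).
function deliveryAfterInvalidProbes(hardened: boolean): HookResponse {
  const guard = new HookAuthGuard(hardened);
  for (let i = 0; i < MAX_FAILURES; i++) {
    guard.handle({ method: "GET", path: "/hooks/wake", token: "wrong", clientKey: "nat-egress-1" });
  }
  return guard.handle({ method: "POST", path: "/hooks/wake", token: HOOK_TOKEN, clientKey: "nat-egress-1" });
}
```

With the weak ordering the legitimate POST behind the shared key is answered 429; with the hardened ordering it is delivered and the counter for that key stays at zero.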


Remediation

Install the security update from the vendor's website.

External links