OpenClaw, an AI-based personal assistant, delivers an exceptional user experience but carries increasing security risks when granted high privileges. Telemetry reveals about 240,000 OpenClaw instances are reachable on the public internet, so users should avoid exposing instances directly and must audit configurations to minimize the attack surface.
Key points
- OpenClaw can leak sensitive information if granted excessive privileges.
- Deploying instances on cloud servers and exposing them to the public internet greatly increases risk.
- A custom scanner found roughly 240,000 instances accessible by IP and port.
- Accessing an instance console requires an authentication token, preventing trivial unauthorized access.
- Users should audit configurations and patch vulnerabilities to reduce the potential attack surface.
Read More: https://securityonline.info/240000-openclaw-ai-instances-exposed-to-the-public-web/