Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

-Leave OpenClaw exposed on the internet-Attacker writes malicious content to your logs-OpenClaw reads its own logs-Bingo!

4 Posts 4 Posters 0 Views

C This user is from outside of this forum
C This user is from outside of this forum
Catalin Cimpanu

wrote last edited by

#1

-Leave OpenClaw exposed on the internet
-Attacker writes malicious content to your logs
-OpenClaw reads its own logs
-Bingo!
https://research.eye.security/log-poisoning-in-openclaw/
A K S 3 Replies Last reply
1
0
C Catalin Cimpanu

-Leave OpenClaw exposed on the internet
-Attacker writes malicious content to your logs
-OpenClaw reads its own logs
-Bingo!
https://research.eye.security/log-poisoning-in-openclaw/
A This user is from outside of this forum
A This user is from outside of this forum
Adrian Mester

wrote last edited by

#2

@campuscodi it's log4j all over again. Except a lot less efficient
1 Reply Last reply

0
C Catalin Cimpanu

-Leave OpenClaw exposed on the internet
-Attacker writes malicious content to your logs
-OpenClaw reads its own logs
-Bingo!
https://research.eye.security/log-poisoning-in-openclaw/
K This user is from outside of this forum
K This user is from outside of this forum
🇬🇱 KielKontrovers Blog

wrote last edited by

#3

@campuscodi OMG
1 Reply Last reply

0
C Catalin Cimpanu

-Leave OpenClaw exposed on the internet
-Attacker writes malicious content to your logs
-OpenClaw reads its own logs
-Bingo!
https://research.eye.security/log-poisoning-in-openclaw/
S This user is from outside of this forum
S This user is from outside of this forum
Bill

wrote last edited by

#4

@campuscodi That's slick
1 Reply Last reply

0
R ActivityRelay shared this topic

Log in to reply