The founder of OpenClaw replied to confirm that 360 exclusively discovered the vulnerability.
On March 22nd, the 360 Security Cloud team received an official email from Peter, the founder of OpenClaw. In the reply, Peter officially confirmed the OpenClaw Gateway WebSocket unauthorized upgrade vulnerability discovered exclusively by the 360 team. 360 has since reported this high-risk vulnerability to the National Information Security Vulnerability Sharing Platform, to help cut off the risk at its source across the entire network as early as possible. The confirmed WebSocket unauthorized upgrade vulnerability is a zero-day: it allows attackers to silently bypass permission authentication over WebSocket and gain control of the agent gateway, potentially leading to exhaustion of system resources or complete collapse.