OpenClaw Security Hardening Checklist: How to Audit and Lock Down Your Deployment
SecurityScorecard’s STRIKE team published alarming research this week: 40,214 OpenClaw instances (42,900 unique IPs across 82 countries) are reachable from the public internet. Of those, 35.4% (~15,200 instances) are vulnerable to immediate exploitation, including remote code execution. Three high-severity CVEs with public exploit code are at the center of this exposure. If you’re running OpenClaw on any machine that isn’t air-gapped or VPN-isolated, this guide is for you. ...