The security advisory pertains to a Docker Compose stack that integrates OpenClaw, an AI agent runtime with tools and memory capabilities, with Open WebUI as the frontend interface. The stack is designed for ease of use, requiring minimal configuration post-installation. However, this setup introduces several potential vulnerabilities related to container isolation, shared secrets handling, and exposed ports. Specifically, the browser container within the stack could be exploited if it has unrestricted internet access or if it is improperly isolated from other containers. Additionally, the exposed port 3000 for Open WebUI poses a risk of unauthorized access if not properly secured with strong authentication mechanisms.
- OpenClaw Docker Compose stack
- Open WebUI Docker image
- Configure firewall rules to restrict access to port 3000 to trusted IP addresses only. Use the command: `sudo ufw allow from <trusted-ip> to any port 3000`.
- Update OpenClaw's configuration file (`openclaw.json`) with a strong, unique shared secret for authentication between the gateway and frontend. Ensure this value is not hardcoded or stored in version control.
- Enable network isolation by setting `network_mode: none` in Docker Compose file for containers that do not require internet access.
- Regularly update OpenClaw and Open WebUI to their latest versions, ensuring security patches are applied.
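The checks above can be run against a stack before it is started. The following is an added example, not code from the OpenClaw or Open WebUI projects: it audits the JSON that `docker compose config --no-interpolate --format json` produces for off-host port publishing, inline secrets, and services left without `network_mode: none`. The service names, image names and the `GATEWAY_SHARED_SECRET` variable are hypothetical, and the sample input is constructed.

```python
import json
import re

# Constructed sample in the shape `docker compose config --format json` emits.
# Service names, images and GATEWAY_SHARED_SECRET are hypothetical, not taken
# from the OpenClaw project.
SAMPLE = json.loads("""
{"services": {
  "open-webui": {"image": "example/open-webui",
    "ports": [{"target": 8080, "published": "3000", "protocol": "tcp"}],
    "environment": {"GATEWAY_SHARED_SECRET": "changeme"}},
  "gateway": {"image": "example/openclaw-gateway",
    "ports": [{"target": 9000, "published": "9000", "host_ip": "127.0.0.1"}],
    "environment": {"GATEWAY_SHARED_SECRET": "${GATEWAY_SHARED_SECRET}"}},
  "browser": {"image": "example/browser", "environment": {}},
  "indexer": {"image": "example/indexer", "network_mode": "none"}
}}
""")

SECRET_NAME = re.compile(r"secret|token|password|api_?key", re.I)
LOOPBACK = {"127.0.0.1", "::1"}

def audit(config):
    """Return sorted (service, finding) pairs for the advisory's three risks."""
    findings = []
    for name, svc in config.get("services", {}).items():
        for port in svc.get("ports") or []:
            # A missing host_ip means Docker binds the port on every interface.
            host_ip = port.get("host_ip", "0.0.0.0")
            if port.get("published") and host_ip not in LOOPBACK:
                findings.append((name, f"port {port['published']} bound to {host_ip}"))
        for key, value in (svc.get("environment") or {}).items():
            # A literal value lives in the Compose file; ${VAR} is supplied at runtime.
            if SECRET_NAME.search(key) and value and not str(value).startswith("${"):
                findings.append((name, f"{key} has an inline value"))
        # Services that publish nothing are candidates for network_mode: none.
        if not svc.get("ports") and svc.get("network_mode") != "none":
            findings.append((name, "no network_mode: none; confirm it needs a network"))
    return sorted(findings)

if __name__ == "__main__":
    for service, finding in audit(SAMPLE):
        print(f"{service}: {finding}")
```

A port bound to a non-loopback address is still reported, so a deliberate LAN binding should be paired with the firewall rule from the list above.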
The impact on common homelab stacks is significant if proper security measures are not implemented. Containers running with default settings may expose sensitive data or be vulnerable to external attacks through the exposed port.