It’s also only 65% of those that have zero authentication configured, according to that post (which I have done nothing to confirm or challenge at all… Frankly I wouldn’t touch OpenClaw with a ten foot… cable?) That said, I think it’s far more important to get people’s attention who might otherwise not realize how closely they need to pay attention to CVEs than it is to avoid hyperbole in headlines.

▲

codechicago277 3 hours ago | parent [-]

Not if this is crying wolf and causing those same people to ignore the very real security risks with using OpenClaw.

▲

DrewADesign 3 hours ago | parent [-]

How is 20% of users getting pwned ”crying wolf” by any reasonable measure? This is a zero authentication admin access vulnerability.

▲

codechicago277 an hour ago | parent | next [-]

Because 20% is not “probably got hacked” and overstates the problem for most users.

That doesn’t mean this isn’t a critical vulnerability, and I think it’s insane to run OpenClaw in its current state. But the current headline will burn your credibility, because 80% of users will be fine with no action, and they’ll take future security issues less seriously as a result.

▲

nickthegreek an hour ago | parent | prev [-]

All the numbers you are using appear to be made up by the reddit poster. I say that as they provided no citation to them (for all I know they got them from an AI). I attempted to verify any of the numbers he used and could not. By exaggerating the numbers he is crying wolf.

	▲	DrewADesign 23 minutes ago \| parent [-]
		Well the post was removed so it doesn’t lend a lot of support to their claims.