220k+ ai agent instances exposed on public internet with no auth, this is bad
Summary
Over 220,000 instances of AI agents, primarily Openclaw deployments, are publicly exposed on the internet without any authentication, mostly on port 18789. These instances, hosted on major cloud infrastructure providers like Tencent, Oracle, Baidu, Alibaba, Huawei, and AWS, allow direct access to the agent interface without login or API keys. Some exposed agents even display leaked credentials, including API keys and passwords. This situation is deemed more critical than an exposed database, as these autonomous agents can execute code, call APIs, access filesystems, and make decisions, posing significant security risks for production environments.
Key takeaway
For CTOs and VPs of Engineering deploying AI agents, you must prioritize robust authentication and secure configuration from the outset. Your teams should implement mandatory authentication for all agent instances, especially those on public IPs, and ensure sensitive credentials are never visible in user interfaces. Failing to do so risks critical data breaches, unauthorized code execution, and potential compromise of production systems.
Key insights
Over 220,000 AI agent instances are publicly exposed without authentication, posing severe security risks.
Principles
- Authentication must be default, not optional.
- Autonomous agents amplify security risks.
In practice
- Enforce authentication for all agent deployments.
- Never display API keys in user interfaces.
Topics
- AI Agent Security
- Openclaw Deployments
- Cloud Infrastructure Vulnerabilities
- Authentication Bypass
- AI Safety
Best for: CTO, VP of Engineering/Data, Director of AI/ML, AI Engineer, MLOps Engineer, AI Security Engineer
Related on AIssential
Editorial summary, takeaway, and curation by AIssential. Original article published by Artificial Intelligence.