GHSA-2rqg-gjgv-84jm: Workspace Boundary Bypass and Sandbox Escape in OpenClaw
Vulnerability ID: GHSA-2RQG-GJGV-84JM
CVSS Score: 8.5
Published: 2026-03-13
A critical vulnerability in the OpenClaw gateway architecture allows subagents to bypass workspace sandboxes by manipulating RPC parameters. By supplying arbitrary paths during agent spawning, attackers can escape the designated execution directory and achieve arbitrary file read and write on the host filesystem.
TL;DR
OpenClaw versions prior to v2026.3.12 suffer from an Improper Access Control vulnerability. The gateway's agent RPC method blindly trusted user-supplied workspace directory paths, enabling attackers to escape the application sandbox and access the underlying host filesystem.
⚠️ Exploit Status: POC
Technical Details
- Vulnerability Type: Improper Access Control (Sandbox Escape)
- CWE ID: CWE-284
- Attack Vector: Network (RPC API)
- Privileges Required: Low (Write permissions / Subagent access)
- Exploit Status: Proof-of-Concept / Active
- Impact: High (Arbitrary File Read/Write, Privilege Escalation)
Affected Systems
- OpenClaw Gateway Service
- OpenClaw Agent Orchestration Component
- openclaw: < v2026.3.12 (Fixed in: v2026.3.12)
Mitigation Strategies
- Upgrade the openclaw package to the patched version.
- Implement the principle of least privilege for the OpenClaw service account.
- Apply Mandatory Access Control (MAC) profiles to restrict filesystem access.
- Monitor RPC logs for abnormal parameter usage.
Remediation Steps
- Identify all systems running the openclaw package via dependency scanning.
- Update the package version to v2026.3.12 or later in package.json.
- Rebuild and redeploy the OpenClaw application containers.
- Verify the application logs to ensure no deprecated parameters are being processed.
- Conduct a forensic review of historical logs for indicators of compromise.