CVE Reports

Posted on • Originally published at cvereports.com

GHSA-47Q7-97XP-M272: Cleartext Credential Exposure via Configuration Persistence in OpenClaw

Vulnerability ID: GHSA-47Q7-97XP-M272
CVSS Score: 7.4
Published: 2026-03-02

A critical information disclosure vulnerability exists in the OpenClaw AI assistant's configuration management subsystem. When processing configuration files that use environment variable interpolation (e.g., ${API_KEY}), certain write operations—such as updates or repairs—inadvertently resolve these references to their runtime values and persist the cleartext secrets back to disk. This effectively converts ephemeral, secure configuration references into permanent plaintext credentials stored in openclaw.json, significantly increasing the risk of accidental secret leakage via version control or backup mechanisms.

TL;DR

Running maintenance commands like openclaw doctor or update silently replaces secure environment variable placeholders (e.g., ${KEY}) in your config file with the actual cleartext secret values, permanently writing them to disk.
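The following is an added illustration of the write pattern the advisory describes, not OpenClaw's own code: a "repair" that loads the config with interpolation applied and then dumps the resolved tree leaks the secrets, while a repair that mutates the raw, reference-bearing tree and resolves only the in-memory view keeps the ${VAR} placeholders on disk. The config shape, key names (providers/openai/apiKey etc.) and environment values are constructed for the example.

```python
import json
import re

# ${VAR_NAME} placeholder syntax as used in the advisory.
ENV_REF = re.compile(r"\$\{([A-Za-z_][A-Za-z0-9_]*)\}")

# Constructed sample openclaw.json contents; key names are illustrative, not OpenClaw's schema.
SAMPLE_CONFIG_TEXT = json.dumps({
    "model": "demo-model",
    "providers": {
        "openai": {"apiKey": "${OPENAI_API_KEY}"},
        "anthropic": {"apiKey": "${ANTHROPIC_API_KEY}"},
    },
})

# Constructed runtime environment; in practice this would be os.environ.
SAMPLE_ENV = {
    "OPENAI_API_KEY": "sk-constructed-openai",
    "ANTHROPIC_API_KEY": "sk-ant-constructed",
}


def resolve_refs(value, env):
    """Recursively replace ${VAR} with env[VAR]; references with no env value are left untouched."""
    if isinstance(value, dict):
        return {k: resolve_refs(v, env) for k, v in value.items()}
    if isinstance(value, list):
        return [resolve_refs(v, env) for v in value]
    if isinstance(value, str):
        return ENV_REF.sub(lambda m: env.get(m.group(1), m.group(0)), value)
    return value


def vulnerable_repair(config_text, env, repair):
    """The flawed pattern: interpolate on load, mutate, then serialize the *resolved* tree."""
    resolved = resolve_refs(json.loads(config_text), env)
    repair(resolved)
    return json.dumps(resolved, indent=2)  # secrets are now literal strings on disk


def fixed_repair(config_text, env, repair):
    """The safe pattern: the raw tree is the source of truth; resolve only for runtime use."""
    raw = json.loads(config_text)
    repair(raw)                          # mutate the reference-bearing tree
    runtime_view = resolve_refs(raw, env)  # what the application consumes in memory
    return json.dumps(raw, indent=2), runtime_view


def leaked_secrets(config_text, env):
    """Names of env vars whose values appear verbatim in the serialized config."""
    return sorted(name for name, val in env.items() if val and val in config_text)


def demo_repair(tree):
    """Stand-in for a doctor-style fix: add a missing default setting."""
    tree.setdefault("telemetry", False)


if __name__ == "__main__":
    leaked = vulnerable_repair(SAMPLE_CONFIG_TEXT, SAMPLE_ENV, demo_repair)
    print("vulnerable write leaks:", leaked_secrets(leaked, SAMPLE_ENV))
    safe, view = fixed_repair(SAMPLE_CONFIG_TEXT, SAMPLE_ENV, demo_repair)
    print("fixed write leaks:", leaked_secrets(safe, SAMPLE_ENV))
    print("runtime view still resolves:", view["providers"]["openai"]["apiKey"])
```

The design point is that interpolation must be a read-side transform only: any code path that serializes configuration has to start from the tree that still contains the references, never from the resolved copy the application runs with.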


⚠️ Exploit Status: POC

Technical Details

  • CWE ID: CWE-312
  • Vulnerability Type: Information Disclosure
  • Attack Vector: Local / File System
  • Impact: Confidentiality Loss
  • Affected Component: Config I/O (openclaw.json)
  • CVSS Score: 7.4 (High)

Affected Systems

  • OpenClaw Personal AI Assistant
  • OpenClaw CLI Tools
  • OpenClaw: <= v2026.2.6-3 (Fixed in: v2026.2.7)

Code Analysis

Commit: 4900

fix(doctor): preserve ${VAR} env var references when writing config

Mitigation Strategies

  • Upgrade to patched software version
  • Secret rotation
  • Configuration auditing
  • Version control exclusion

Remediation Steps:

  1. Upgrade OpenClaw to version v2026.2.7 or higher.
  2. Inspect openclaw.json for any cleartext API keys or tokens.
  3. If keys are found, revoke and rotate them immediately via the respective provider (OpenAI, Anthropic, etc.).
  4. Restore the ${VAR_NAME} syntax in openclaw.json.
  5. Ensure openclaw.json is listed in .gitignore to prevent accidental commits.
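Steps 2, 4 and 5 above can be carried out mechanically. The script below is an added example, not an OpenClaw tool: it walks a parsed openclaw.json, reports every string value that contains the verbatim value of an environment variable (the signature of a resolved reference), rewrites those values back to ${VAR_NAME} syntax, and checks whether a .gitignore pattern covers the file. The config contents, environment values and the minimum secret length are constructed assumptions; in real use the environment would be os.environ and the config read from disk. Step 3 (revoking the keys with the provider) is deliberately outside the script, since a key that was ever on disk in cleartext must be treated as compromised regardless of the restore.

```python
import os
from fnmatch import fnmatch

# Constructed: openclaw.json as it might look after a vulnerable write resolved the references.
LEAKED_CONFIG = {
    "providers": {
        "openai": {"apiKey": "sk-constructed-openai"},
        "anthropic": {"apiKey": "${ANTHROPIC_API_KEY}"},  # this one survived intact
    },
    "webhook": "https://example.invalid/hook?token=tok-constructed",
}

# Constructed environment; pass os.environ in practice.
SAMPLE_ENV = {
    "OPENAI_API_KEY": "sk-constructed-openai",
    "ANTHROPIC_API_KEY": "sk-ant-constructed",
    "WEBHOOK_TOKEN": "tok-constructed",
    "HOME": "/home/user",  # too short to be treated as a secret, see MIN_SECRET_LEN
}

MIN_SECRET_LEN = 12  # assumption: ignore short env values ("1", "/bin") that would match by accident


def _walk(node, path=()):
    """Yield (path, string) for every string leaf in the config tree."""
    if isinstance(node, dict):
        for k, v in node.items():
            yield from _walk(v, path + (k,))
    elif isinstance(node, list):
        for i, v in enumerate(node):
            yield from _walk(v, path + (i,))
    elif isinstance(node, str):
        yield path, node


def _candidates(env):
    """Env entries long enough to be secrets, longest value first so longer matches win."""
    items = [(n, v) for n, v in env.items() if len(v) >= MIN_SECRET_LEN]
    return sorted(items, key=lambda nv: -len(nv[1]))


def find_cleartext(config, env):
    """Return [(json_path, VAR_NAME)] for every string leaf containing an env value verbatim."""
    hits = []
    for path, text in _walk(config):
        for name, val in _candidates(env):
            if val in text:
                hits.append(("/".join(map(str, path)), name))
    return hits


def restore_references(config, env):
    """Return a new tree with each matched secret value replaced by its ${VAR_NAME} reference."""
    cands = _candidates(env)

    def fix(node):
        if isinstance(node, dict):
            return {k: fix(v) for k, v in node.items()}
        if isinstance(node, list):
            return [fix(v) for v in node]
        if isinstance(node, str):
            for name, val in cands:
                node = node.replace(val, f"${{{name}}}")
        return node

    return fix(config)


def gitignore_covers(gitignore_text, filename="openclaw.json"):
    """True if a non-comment, non-negated .gitignore pattern matches filename (simplified matcher)."""
    for line in gitignore_text.splitlines():
        pat = line.strip()
        if not pat or pat.startswith("#") or pat.startswith("!"):
            continue
        if fnmatch(filename, pat.lstrip("/")) or fnmatch(os.path.basename(filename), pat.rstrip("/")):
            return True
    return False


if __name__ == "__main__":
    for path, var in find_cleartext(LEAKED_CONFIG, SAMPLE_ENV):
        print(f"cleartext value of {var} found at {path}; rotate this credential")
    print(restore_references(LEAKED_CONFIG, SAMPLE_ENV))
    print("ignored by git:", gitignore_covers("node_modules/\nopenclaw.json\n"))
```

Matching by the exact environment value rather than by a key-format heuristic keeps the audit independent of which providers are configured, and sorting candidates longest-first prevents a shorter env value from being substituted inside a longer one. The .gitignore check is intentionally minimal (no directory-relative or `**` semantics); treat a negative result as "verify by hand".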

Read the full report for GHSA-47Q7-97XP-M272 on our website for more details including interactive diagrams and full exploit analysis.
