GHSA-f8r2-vg7x-gh8m: Path Overmatching and Command Execution Bypass in OpenClaw
Vulnerability ID: GHSA-F8R2-VG7X-GH8M
CVSS Score: 5.3
Published: 2026-03-13
OpenClaw versions up to 2026.3.8 suffer from an improper input validation vulnerability in the command execution allowlist mechanism. Flawed pattern matching logic, including improper lowercasing on POSIX systems and broad glob wildcard handling, allows an attacker to bypass execution restrictions and invoke unauthorized commands.
TL;DR
A path overmatching flaw in OpenClaw's execution allowlist permits unauthorized command execution on POSIX systems by exploiting case insensitivity and broad glob wildcard matching.
⚠️ Exploit Status: POC
Technical Details
- Vulnerability Type: Improper Input Validation / Path Overmatching
- CWE IDs: CWE-178, CWE-1286, CWE-22
- CVSS v4 Score: 5.3 (Medium)
- Attack Vector: Network
- Exploit Status: Proof of Concept (PoC)
- Impact: Unauthorized Command Execution / RCE
Affected Systems
- OpenClaw (formerly Moltbot/ClawdBot) running on POSIX systems (Linux, macOS)
- openclaw: <= 2026.3.8 (Fixed in: 2026.3.11)
Mitigation Strategies
- Upgrade the openclaw package to a patched version
- Audit and harden execution allowlist configurations
- Enforce principle of least privilege for the OpenClaw service
Remediation Steps:
- Identify the current version of the openclaw package running in the environment.
- Run 'npm install openclaw@2026.3.12' to upgrade to the secure release.
- Review the configuration files containing the execution allowlist.
- Replace any allowlist entries that use the '?' wildcard with explicit, absolute paths to the required binaries.
- Restart the OpenClaw gateway services to apply the updated code and configurations.
References
- GitHub Advisory: GHSA-F8R2-VG7X-GH8M
- OpenClaw Release Blog
- OSV Entry: GHSA-f8r2-vg7x-gh8m
- OpenClaw Repository