CVE Reports

Posted on • Originally published at cvereports.com

GHSA-R6QF-8968-WJ9Q: Security Gating Bypass via Off-By-One Logic Error in OpenClaw system.run

Vulnerability ID: GHSA-R6QF-8968-WJ9Q
CVSS Severity: Moderate
Published: 2026-03-09

An off-by-one boundary condition in the OpenClaw system.run command dispatcher permits attackers to bypass mandatory shell approval prompts in security=allowlist mode.

TL;DR

A logic error in OpenClaw's command unwrapping mechanism allows attackers to bypass security gating by nesting exactly four command wrappers, leading to unapproved shell command execution.


⚠️ Exploit Status: POC

Technical Details

  • CWE ID: CWE-193: Off-by-one Error
  • Attack Vector: Network / Authenticated Interface
  • Impact: Security Gating Bypass / Unauthorized Command Execution
  • Exploit Status: Proof of Concept Available
  • Affected Component: src/infra/exec-wrapper-resolution.ts
  • CVSS Severity: Moderate

Affected Systems

  • OpenClaw system.run command dispatcher
  • OpenClaw security=allowlist gating module
  • OpenClaw: < 2026.3.7 (Fixed in: 2026.3.7)

Code Analysis

Commit: 2fc95a7

Fix off-by-one error in exec-wrapper-resolution boundary check

- if (depth >= MAX_DISPATCH_WRAPPER_DEPTH) {
+ if (depth > MAX_DISPATCH_WRAPPER_DEPTH) {
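Review bot: the direction of this change is not self-explanatory from the hunk alone: relaxing the guard from `>=` to `>` lets the resolver process one more nesting level, so a reader needs to know whether `depth` counts layers already unwrapped or the level currently being examined before they can confirm that a command nested exactly MAX_DISPATCH_WRAPPER_DEPTH deep now reaches the approval gate instead of falling through it. Put that explanation in the commit message or in a comment beside the check, and pair the one-character fix with a regression test that nests exactly MAX_DISPATCH_WRAPPER_DEPTH wrappers under security=allowlist and asserts the ask prompt fires, plus a MAX_DISPATCH_WRAPPER_DEPTH + 1 case to pin the new boundary.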

Mitigation Strategies

  • Update OpenClaw to version 2026.3.7 or later.
  • Restrict network or credentialed access to the system.run command dispatcher interface.
  • Monitor system process execution logs for deeply nested shell wrapper calls.
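The third mitigation above, turned into a concrete check, as an added example that is not part of the original report or of OpenClaw: it counts how many `sh -c '<inner>'` layers enclose a logged command and flags any line at or above four layers, the nesting depth the advisory names. The log format, the wrapper set and the sample lines are constructed for this example.

```python
import os
import re
import shlex
from typing import List, Tuple

# Programs treated as a wrapper layer: a constructed set for this example,
# not OpenClaw's own wrapper table, which the advisory does not reproduce.
SHELLS = {"sh", "bash", "dash", "zsh"}
# Threshold follows the advisory: exactly four nested wrappers triggered the bypass.
ALERT_DEPTH = 4
# Constructed log format: "<timestamp> pid=<n> exec: <command line>"
LOG_RE = re.compile(r"pid=(?P<pid>\d+) exec: (?P<cmd>.*)$")


def wrapper_depth(cmdline: str) -> int:
    """Count shell wrapper layers (`sh -c '<inner>'`) around the innermost command.
    The string handed to -c is re-tokenised and inspected again, so every level
    of nesting adds one. Only the plain `-c` form is recognised, not `-lc`."""
    depth = 0
    try:
        argv = shlex.split(cmdline)
    except ValueError:  # unbalanced quotes: treat as opaque, zero layers
        return 0
    while len(argv) >= 3 and os.path.basename(argv[0]) in SHELLS and argv[1] == "-c":
        depth += 1
        try:
            argv = shlex.split(argv[2])
        except ValueError:
            break
    return depth


def scan_log(lines: List[str], threshold: int = ALERT_DEPTH) -> List[Tuple[str, int]]:
    """Return (pid, depth) for every exec log line at or above the threshold."""
    hits = []
    for line in lines:
        m = LOG_RE.search(line)
        if m:
            d = wrapper_depth(m.group("cmd"))
            if d >= threshold:
                hits.append((m.group("pid"), d))
    return hits


# Constructed sample log lines, not real OpenClaw output.
SAMPLE_LOG = [
    "2026-03-09T10:00:01Z pid=4101 exec: ls -la /tmp",
    "2026-03-09T10:00:02Z pid=4102 exec: bash -c 'sh -c id'",
    # decodes to: sh -c 'bash -c "sh -c \"sh -c id\""'  (four wrapper layers)
    "2026-03-09T10:00:03Z pid=4103 exec: sh -c 'bash -c \"sh -c \\\"sh -c id\\\"\"'",
]
```

Running `scan_log(SAMPLE_LOG)` reports only pid 4103 at depth 4; lower the threshold to surface the two-layer line as well.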

Remediation Steps:

  1. Verify the currently installed version of OpenClaw.
  2. Download version 2026.3.7 from the official repository.
  3. Deploy the updated binaries or containers to the production environment.
  4. Restart the OpenClaw service to ensure the patched execution logic is loaded.
  5. Execute a test payload with nested wrappers to confirm the ask=on-miss prompt triggers correctly.

Read the full report for GHSA-R6QF-8968-WJ9Q on our website for more details including interactive diagrams and full exploit analysis.