Lintsinghua

**Name of the Vulnerable Software and Affected Versions** OpenClaw versions prior to 2026.3.13 **Description** OpenClaw is affected by a remote command injection issue in the iMessage attachment staging flow. The issue arises because unsanitized remote attachment paths containing shell metacharacters are passed directly to the SCP remote operand without validation. This enables command execution when remote attachment staging is enabled. The vulnerability allows attackers to execute arbitrary commands on configured remote hosts. **Recommendations** Update OpenClaw to version 2026.3.13 or later.

**Name of the Vulnerable Software and Affected Versions** OpenClaw versions prior to 2026.3.12 **Description** The software embeds long-lived shared gateway credentials directly within pairing setup codes. These codes are generated by the `/pair` API endpoint and the `OpenClaw qr` command. If setup codes are leaked through chat history, logs, or screenshots, attackers can recover and reuse the credentials outside the intended one-time pairing process. **Recommendations** Update to version 2026.3.12 or later.

Name of the Vulnerable Software and Affected Versions OpenClaw versões anteriores a 2026.3.22 Description Quando a configuração `trustedProxies` está ativa, o software processa incorretamente o cabeçalho X-Forwarded-For, permitindo potencialmente que invasores falsifiquem saltos de loopback. Isso pode contornar a autenticação e as proteções de limitação de taxa, apresentando cabeçalhos falsificados, efetivamente mascarando-se como um cliente de loopback. Recommendations Atualize para a versão 2026.3.22 ou posterior.

**Name of the Vulnerable Software and Affected Versions** OpenClaw versions prior to 2026.3.12 **Description** OpenClaw is susceptible to an authentication bypass issue in Feishu webhook mode. This occurs when only the `verificationToken` is configured, and the `encryptKey` is not. This allows unauthenticated attackers to inject forged Feishu events and potentially trigger the execution of downstream tools by reaching the webhook endpoint. The issue allows acceptance of forged events. **Recommendations** Versions prior to 2026.3.12 should be updated to version 2026.3.12 or later.

**Name of the Vulnerable Software and Affected Versions** OpenClaw versions prior to 2026.3.12 **Description** OpenClaw automatically discovers and loads plugins from the `.OpenClaw/extensions/` directory without verifying their trustworthiness, which can lead to arbitrary code execution. An attacker can exploit this by including malicious workspace plugins in cloned repositories. When a user runs OpenClaw from such a directory, the malicious code is executed. The application automatically ingests extensions from the `.OpenClaw/extensions/` path, increasing the risk of arbitrary code execution as malicious code could be executed without verification. **Recommendations** Update OpenClaw to version 2026.3.12 or later.