PT-2026-22433 · Npm · Openclaw

Published

2026-02-18

·

Updated

2026-02-18

CVSS v4.0

8.4

High

Vector: AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Description

OpenClaw versions <= 2026.2.9 construct transcript file paths using an unsanitized sessionId and also accept sessionFile paths without enforcing that they stay within the agent sessions directory.
A crafted sessionId and/or sessionFile (example: ../../etc/passwd) can cause path traversal when the gateway performs transcript file read/write operations.
Preconditions: an attacker must be able to authenticate to the gateway (gateway token/password). By default the gateway binds to loopback (local-only); configurations that expose the gateway widen the attack surface.

Affected Packages / Versions

  • Package: openclaw (npm)
  • Affected: <= 2026.2.9
  • Fixed: >= 2026.2.12

Fix

Fixed by validating session IDs (rejecting path separators / traversal sequences) and enforcing sessions-directory containment for session transcript file operations.

Fix Commit(s)

  • 4199f9889f0c307b77096a229b9e085b8d856c26

Additional Hardening

  • cab0abf52ac91e12ea7a0cf04fff315cf0c94d64

Mitigation

Upgrade to openclaw >= 2026.2.12.
Thanks @akhmittra for reporting.

Fix

Path traversal


Weakness Enumeration

Related identifiers

GHSA-5XFQ-5MR7-426Q

Affected products

Openclaw