PT-2026-22352 · Npm · Openclaw
Published
2026-02-17
·
Updated
2026-02-17
CVSS v4.0
7.1
High
| Vector | AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N |
Summary
In OpenClaw versions prior to 2026.2.12, the gateway accepted an untrusted sessionFile path when resolving the session transcript file. This could allow an authenticated gateway client to create and append OpenClaw session transcript records at an arbitrary path on the gateway host.
Affected Versions
- Affected: openclaw < 2026.2.12
- Patched: openclaw >= 2026.2.12 (recommended: >= 2026.2.13)
Impact
An authenticated gateway client could influence where the gateway writes transcript data by supplying a sessionFile outside of the sessions directory. Depending on deployment and filesystem permissions, this may enable arbitrary file creation and repeated appends, leading to configuration corruption and/or denial of service.
This issue does not, by itself, provide a proven remote code execution path.
Fix
The transcript path is now constrained to the sessions directory via resolveSessionFilePath(...) containment checks.
Fix commits:
- 4199f9889f0c307b77096a229b9e085b8d856c26
- (compat) 25950bcbb8ba4d8cde002557f6e27c219ae4deda
Credits
Thanks to @tubadeligoz for the report.
Fix
Relative Path Traversal
OS Command Injection
Improper Access Control
Affected Products
Openclaw