PT-2026-23536 · Openclaw · Openclaw
Tuba Deligoz
·
Published
2026-02-17
·
Updated
2026-03-07
·
CVE-2026-28459
CVSS v3.1
8.1
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
OpenClaw versions prior to 2026.2.12
Description
OpenClaw versions prior to 2026.2.12 do not properly validate the sessionFile path parameter, potentially allowing authenticated gateway clients to write transcript data to arbitrary locations on the host filesystem. An attacker can supply a sessionFile path outside the sessions directory to create files and repeatedly append data, which could lead to configuration corruption or denial of service. The issue involves the gateway accepting an untrusted sessionFile path when resolving the session transcript file.
Recommendations
Update OpenClaw to version 2026.2.12 or later.
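The weakness described above is a containment failure: a client-controlled sessionFile value reaches the path resolver without a check that the result still lies inside the sessions directory. The following TypeScript is an added illustration, not OpenClaw's own code or its fix; the function names (resolveSessionFileUnsafe, resolveSessionFileSafe, isInsideSessionsDir, safeTranscriptPath), the SESSIONS_DIR location and the sample inputs are all constructed for the example. It places the unsafe resolution pattern beside a hardened one that rejects absolute input, resolves the path, and then verifies containment with path.relative before any file is touched.

```typescript
import * as path from "node:path";

// Assumed sessions directory, constructed for this example (not OpenClaw's real layout).
const SESSIONS_DIR = "/var/lib/openclaw/sessions";

// Pattern the advisory describes: the client-supplied value is handed straight to the
// resolver, so a value containing "../" segments or an absolute path lands outside
// the sessions directory. Kept here only for contrast with the hardened version.
function resolveSessionFileUnsafe(sessionsDir: string, sessionFile: string): string {
  return path.resolve(sessionsDir, sessionFile);
}

// True when `candidate` resolves to a location strictly inside `base`.
// path.relative() collapses "." and ".." lexically; an empty result is the directory
// itself, a result that is ".." or starts with "../" has climbed out, and an absolute
// result means the two paths share no root. Comparing this way also avoids the classic
// prefix mistake where "/sessions-other/x" is accepted because it starts with "/sessions".
function isInsideSessionsDir(base: string, candidate: string): boolean {
  const rel = path.relative(path.resolve(base), path.resolve(candidate));
  if (rel === "" || path.isAbsolute(rel)) return false;
  return rel !== ".." && !rel.startsWith(".." + path.sep);
}

// Hardened resolution: refuse empty or absolute input outright, resolve, then verify
// containment. Throwing (rather than silently clamping) lets the gateway log and
// refuse the request instead of writing somewhere the caller did not expect.
function resolveSessionFileSafe(sessionsDir: string, sessionFile: string): string {
  if (sessionFile.length === 0 || path.isAbsolute(sessionFile)) {
    throw new Error("sessionFile must be a relative path inside the sessions directory");
  }
  const target = path.resolve(sessionsDir, sessionFile);
  if (!isInsideSessionsDir(sessionsDir, target)) {
    throw new Error(`sessionFile escapes sessions directory: ${sessionFile}`);
  }
  return target;
}

// What a request handler would call before opening the transcript for append.
function safeTranscriptPath(sessionFile: string): string {
  return resolveSessionFileSafe(SESSIONS_DIR, sessionFile);
}

// Stand-alone demonstration on constructed inputs: one benign value, one nested value,
// and three that must be rejected (traversal, absolute path, the directory itself).
const samples = [
  "abc123.jsonl",
  "sub/abc123.jsonl",
  "../../../../etc/openclaw.json",
  "/etc/passwd",
  ".",
];
for (const s of samples) {
  try {
    console.log(`accepted ${JSON.stringify(s)} -> ${safeTranscriptPath(s)}`);
  } catch (err) {
    console.log(`rejected ${JSON.stringify(s)}: ${(err as Error).message}`);
  }
}
```

The containment test is lexical: if the sessions directory can contain symlinks created by untrusted parties, resolve the parent directory with fs.realpathSync before the comparison, since path.relative does not follow links. Rejecting the request outright, as resolveSessionFileSafe does, is also the right place to emit a log line, because a traversal attempt against a session-file parameter is a strong detection signal on its own.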
Fix
Relative Path Traversal
OS Command Injection
Improper Access Control
Related Identifiers
Affected Products
Openclaw