PT-2026-25451 · Npm · Openclaw
Published
2026-03-03
·
Updated
2026-03-03
CVSS v4.0
7.7
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N |
Summary
stageSandboxMedia allowed destination symlink traversal during media staging, which could overwrite files outside the sandbox workspace root.Impact
When sandbox media staging handled inbound files, destination writes under
media/inbound were not destination-alias-safe. If a symlink existed in that destination path, the write could follow it and overwrite host files outside the intended sandbox workspace boundary.Affected Packages / Versions
- Package:
openclaw(npm) - Latest published version checked:
2026.3.1 - Affected:
<= 2026.3.1 - Patched versions:
>= 2026.3.2(released)
Root Cause
stageSandboxMedia validated source paths but wrote destination files with a direct copy path that did not enforce destination boundary/alias checks.Remediation
The fix routes staging writes through root-scoped safe write primitives for both local and SCP-staged attachments, preventing destination symlink traversal escapes.
Fix Commit(s)
17ede52a4be3034f6ec4b883ac6b81ad0101558a
Fix
Link Following
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Openclaw