OpenClaw Command Injection Vulnerability in Windows Scheduled Task Script Generation
Vulnerability
A command injection vulnerability has been identified in OpenClaw versions prior to 2026.2.19. The issue arises in the Windows Scheduled Task script generation process, where environment variables are written to 'gateway.cmd' as unquoted 'set KEY=VALUE' assignments. Because the value is not quoted or escaped, shell metacharacters in it escape the assignment context and the remainder of the line is interpreted by the Command Prompt as a separate command. The vulnerability is triggered when the generated script is executed by the scheduled task, with the payload delivered through environment variable values containing metacharacters such as '&', '|', '^', '%', or '!'.
Impact
Exploitation of this vulnerability allows for command injection via the Windows Command Prompt, with injected commands executed in the context of the user running the scheduled task.
Reproduction
To reproduce this vulnerability, create a scheduled task whose environment variables contain unescaped metacharacters. When the task runs, the generated 'gateway.cmd' executes the injected commands in the Command Prompt, demonstrating the command injection flaw.
Remediation
Users can update to OpenClaw version 2026.2.19 or later, where this vulnerability has been patched.
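The following illustrates the defect described in the Vulnerability section and the quoting and validation a fixed generator needs. It is an added example, not OpenClaw's code; the script layout, function names and the sample values are assumptions.

```python
import re

# Metacharacters named in the advisory that break out of an unquoted
# `set KEY=VALUE` line in a .cmd file.
CMD_METACHARS = set('&|^%!')
# Characters that defeat quoting too: a quote closes the quoted region and
# a line break starts a new command.
QUOTE_BREAKERS = set('"\r\n')
KEY_RE = re.compile(r'^[A-Za-z_][A-Za-z0-9_]*$')

def render_set_unquoted(key: str, value: str) -> str:
    """Pre-2026.2.19 pattern described in the advisory: no quoting, no checks.
    A value containing '&' or '|' ends the assignment and the rest of the
    line runs as its own command when the script executes."""
    return f"set {key}={value}"

def find_injection_chars(value: str) -> set[str]:
    """Detection helper: metacharacters in `value` that would escape an
    unquoted `set`. Useful for auditing task definitions before generation."""
    return {ch for ch in value if ch in CMD_METACHARS}

def render_set_hardened(key: str, value: str) -> str:
    """Quote the whole assignment so & | ^ are literal, double % so cmd does
    not expand %VAR% references, and reject what quoting cannot neutralise."""
    if not KEY_RE.match(key):
        raise ValueError(f"invalid environment variable name: {key!r}")
    if any(ch in QUOTE_BREAKERS for ch in value):
        raise ValueError("value contains a quote or line break")
    if '!' in value:
        # '!' is expanded under delayed expansion even inside quotes and has
        # no portable literal form in a batch file; refuse rather than guess.
        raise ValueError("value contains '!'")
    escaped = value.replace('%', '%%')
    return f'set "{key}={escaped}"'

def is_rejected(key: str, value: str) -> bool:
    """True if the hardened renderer refuses this key/value pair."""
    try:
        render_set_hardened(key, value)
    except ValueError:
        return True
    return False

def render_script(env: dict[str, str]) -> str:
    """Build the `set` block of a gateway.cmd-style script (hypothetical layout)."""
    lines = ["@echo off"] + [render_set_hardened(k, v) for k, v in env.items()]
    return "\r\n".join(lines) + "\r\n"
```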
