OpenClaw Path Traversal Vulnerability in Hook Transform Module Loading Allows Arbitrary JavaScript Execution
Vulnerability
A path traversal vulnerability has been identified in OpenClaw versions from 2.0.0-beta3 up to, but not including, 2026.2.14. The flaw lies in the hook transform module loading process: the 'hooks.mappings[].transform.module' configuration value is used to locate the module without being constrained to the transforms directory, so it accepts absolute paths and traversal sequences such as '../'. An attacker who can write the OpenClaw configuration can therefore point a hook mapping at a JavaScript module anywhere on the filesystem, and the gateway will load and execute it with the privileges of the OpenClaw gateway process.
Impact
Successful exploitation results in the loading and execution of an attacker-chosen JavaScript module inside the OpenClaw gateway process, which amounts to arbitrary code execution with that process's privileges. Note that the prerequisite is write access to the configuration; the vulnerability turns that configuration write into code execution, since a module path outside the transforms directory should never have been honored.
Reproduction
To reproduce this vulnerability, first configure a hook mapping whose 'transform.module' value escapes the intended transforms directory, for example by using an absolute path or relative traversal sequences. Then place a malicious ECMAScript module at the location that path resolves to; its top-level code (or exported transform function) runs inside the OpenClaw gateway process. Finally, trigger the hook endpoint with the appropriate hook token so that the mapping is evaluated and the module is loaded.
Remediation
Update to OpenClaw version 2026.2.14 or later, where transform module paths are constrained to the transforms directory. After updating, confirm that 'hooks.transformsDir' points to a directory inside the OpenClaw transforms root, which is typically '~/.openclaw/hooks/transforms', and that every 'hooks.mappings[].transform.module' value is a plain relative path within that directory; a value containing an absolute path or '../' should be treated as suspicious and reviewed, since it may indicate an attempt to exploit this issue on an unpatched installation.
