OpenClaw Path Traversal Vulnerability via Unsanitized sessionId and sessionFile Parameters

Vulnerability

A path traversal vulnerability has been identified in OpenClaw versions prior to 2026.2.12. The application builds transcript file paths from the caller-supplied sessionId parameter and sessionFile path without sanitizing them and without enforcing that the resulting path stays inside the designated agent sessions directory. An authenticated attacker can therefore place path traversal sequences such as ../../etc/passwd in the sessionId or sessionFile parameter to read or write arbitrary files outside the agent sessions directory.

Impact

Successful exploitation lets an authenticated user read or write files outside the intended sessions directory, which can expose sensitive information or allow unauthorized modification of files on the host.

Reproduction

To reproduce this vulnerability, an authenticated user can send a request to the OpenClaw gateway with a crafted sessionId or sessionFile parameter that includes path traversal sequences. The gateway must be configured to accept the request, and the sessionId or sessionFile must be crafted to escape the intended directory and access sensitive files, such as the passwd file on a Unix-like system.

Remediation

Users are advised to upgrade to OpenClaw version 2026.2.12 or later, where this vulnerability has been fixed by validating session IDs, rejecting path separators and traversal sequences, and enforcing sessions-directory containment for transcript file operations.

Added: Mar 5, 2026, 10:26 PM
Updated: Mar 5, 2026, 10:26 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 1.7
exploitability: 4.3
remediation: 0.0
relevance: 3.5
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.