OpenClaw ZIP Extraction Race Condition Vulnerability Allowing Arbitrary File Write
Vulnerability
A race condition in OpenClaw versions prior to 2026.3.2 allows local attackers to write files outside the intended destination directory during ZIP extraction. The issue is a time-of-check to time-of-use gap: the archive handling code validates a path and only later performs the file write, and an attacker can manipulate parent-directory symlinks in between. Changing the symlink in the gap between the validation and truncation steps redirects the write outside the designated extraction root.
Impact
Exploitation of this vulnerability could lead to unauthorized file writes outside the intended directory, potentially overwriting existing files or creating new ones in sensitive locations.
Reproduction
The vulnerability can be reproduced by creating a ZIP file that includes a symlinked directory entry. During the extraction process, the parent directory symlink can be manipulated to redirect file writes outside the intended extraction directory. This can be achieved by using a realpath symlink rebind race, which takes advantage of the timing between the path validation and the actual write operation.
Remediation
Users can upgrade to OpenClaw version 2026.3.2 or later to address this vulnerability.
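For developers writing their own extraction code, the general defence against this class of race is to stop resolving paths by name after validation. The following is an added example, not OpenClaw's code or its actual fix; it uses Python on a POSIX system for its `dir_fd` support, and `safe_extract_member` and `demo` are hypothetical names.

```python
import os
import tempfile

def safe_extract_member(root: str, member: str, data: bytes) -> None:
    """Write one archive member under root, walking directories by descriptor."""
    parts = [p for p in member.split("/") if p not in ("", ".")]
    if not parts or ".." in parts or member.startswith("/"):
        raise ValueError(f"unsafe member name: {member!r}")
    dir_flags = os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW
    dir_fd = os.open(root, os.O_RDONLY | os.O_DIRECTORY)
    try:
        for name in parts[:-1]:
            try:
                os.mkdir(name, 0o755, dir_fd=dir_fd)
            except FileExistsError:
                pass
            # O_NOFOLLOW: a symlink placed here makes open() fail, whenever it appeared.
            next_fd = os.open(name, dir_flags, dir_fd=dir_fd)
            os.close(dir_fd)
            dir_fd = next_fd
        # Create and truncate relative to the held directory fd, so check and
        # write act on the same directory object rather than on a path string.
        file_flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | os.O_NOFOLLOW
        fd = os.open(parts[-1], file_flags, 0o644, dir_fd=dir_fd)
        with os.fdopen(fd, "wb") as fh:
            fh.write(data)
    finally:
        os.close(dir_fd)

def demo() -> dict:
    """Constructed scenario: 'sub' inside the root is a symlink to a sibling dir."""
    with tempfile.TemporaryDirectory() as tmp:
        root, outside = os.path.join(tmp, "root"), os.path.join(tmp, "outside")
        os.mkdir(root)
        os.mkdir(outside)
        os.symlink(outside, os.path.join(root, "sub"))
        try:
            safe_extract_member(root, "sub/note.txt", b"x")
            blocked = False
        except OSError:
            blocked = True
        safe_extract_member(root, "docs/readme.txt", b"hello")
        with open(os.path.join(root, "docs", "readme.txt"), "rb") as fh:
            normal = fh.read()
        return {"blocked": blocked, "escaped": bool(os.listdir(outside)), "normal": normal}

if __name__ == "__main__":
    print(demo())
```

Because every component is opened relative to an already-held directory descriptor, there is no window in which a validated path string can come to mean a different location.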
