OpenClaw Command Hijacking Vulnerability via Unsafe PATH Handling
Vulnerability
A command hijacking vulnerability affects OpenClaw versions prior to 2026.2.14. Allowlisted safe-bin commands are resolved by name through the PATH environment variable, so an attacker who controls PATH can substitute their own binary for the expected one. Two routes to exploitation are described: authenticated access to a node-host execution surface, where the caller can supply a request-scoped PATH override, and project-local bootstrapping, where OpenClaw is started in an attacker-controlled directory. In either case a malicious executable placed in a directory that precedes the real one in PATH is run instead of the allowlisted command, giving arbitrary command execution.
Impact
Successful exploitation turns an allowlisted, nominally safe command into execution of attacker-chosen code: whatever binary the attacker places first in PATH runs in place of the real one, with the privileges of the node-host process, so the safe-bin allowlist no longer bounds what a caller can run.
Reproduction
Reproduction requires authenticated access to a node-host execution surface that can invoke commands, obtained for example through a compromised gateway or a token that grants that access. The attacker then creates a directory they control, places in it an executable named after an allowlisted safe-bin command, and issues a 'system.run' request to the node host with a request-scoped PATH override that lists that directory ahead of the system directories. Because the command is resolved by name against the supplied PATH, the attacker's executable runs in place of the allowlisted one.
Remediation
Update to OpenClaw version 2026.2.14 or later, where this vulnerability has been patched. Until the update is applied, limit who can reach node-host execution surfaces (gateway access and tokens that grant it) and avoid running OpenClaw in directories that other users can write to, since both are the entry points the vulnerability relies on.
