OpenClaw Stdin-Only Policy Bypass Vulnerability in Grep Tool Allowing Arbitrary File Read
Vulnerability
OpenClaw versions prior to 2026.2.21 contain a stdin-only policy bypass in the handling of 'grep' under 'tools.exec.safeBins'. Binaries in 'safeBins' are meant to operate only on standard input, so file operands should be rejected. When the pattern is supplied through the '-e' flag rather than as the first positional argument, a following positional operand is a filename as far as grep is concerned, but the policy check does not treat it as one. An attacker can therefore pass a file from the working directory, such as '.env', and have grep read it, bypassing the file access restriction.
Impact
Exploitation gives arbitrary read access to files in the working directory of the tool process, which can expose sensitive material such as the contents of '.env' files. No other capability beyond reading those files is described.
Reproduction
'grep' is not part of the default 'tools.exec.safeBins' profile, so only deployments that added it are affected. With 'grep' enabled there, invoke it through the tool with the pattern given via '-e' and a positional filename operand that references a file in the working directory, such as '.env'. The policy accepts the invocation and grep reads the named file instead of standard input.
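The following is an added illustration of the class of argument-parsing mistake this advisory describes, not OpenClaw's code: a model of a "stdin-only" argv check for grep that assumes the first positional operand is always the pattern, beside a corrected version that accounts for the pattern being supplied by '-e'/'--regexp' or '-f'/'--file'. The function names, the option table and the policy shape are assumptions made for the example; the '-e secret .env' invocation mirrors the reproduction above.

```python
# Constructed model of a stdin-only argv check for grep. This is an
# illustration of the bug class in the advisory, NOT OpenClaw's
# implementation; option tables and function names are assumptions.

# Options that consume the next argv element as their value (subset of GNU grep).
OPTS_WITH_VALUE = {"-e", "--regexp", "-f", "--file", "-m", "--max-count",
                   "-A", "-B", "-C", "--include", "--exclude"}
# Options that supply the pattern, so no positional pattern operand follows.
PATTERN_OPTS = {"-e", "--regexp", "-f", "--file"}
# Short options whose value may be attached (-esecret) or in the next element.
SHORT_WITH_VALUE = {"e", "f", "m", "A", "B", "C"}


def split_argv(argv):
    """Return (positional operands, pattern_supplied_by_option) for a grep argv
    without argv[0]. Handles '--', '--opt=value', bundled short flags (-ie pat)
    and attached short values (-epat)."""
    positionals = []
    pattern_by_opt = False
    i = 0
    while i < len(argv):
        a = argv[i]
        if a == "--":                      # end of options: everything after is an operand
            positionals.extend(argv[i + 1:])
            break
        if a.startswith("--"):
            name, _, value = a.partition("=")
            if name in PATTERN_OPTS:
                pattern_by_opt = True
            if name in OPTS_WITH_VALUE and not value:
                i += 1                     # value is the next element; skip it
        elif a.startswith("-") and len(a) > 1:
            j = 1
            while j < len(a):              # walk bundled short flags
                c = a[j]
                if c in SHORT_WITH_VALUE:
                    if c in "ef":
                        pattern_by_opt = True
                    if j == len(a) - 1:
                        i += 1             # value is the next element; skip it
                    break                  # otherwise the rest of the token is the value
                j += 1
        else:
            positionals.append(a)          # a lone '-' lands here and means stdin
        i += 1
    return positionals, pattern_by_opt


def file_operands_flawed(argv):
    """Buggy check: assumes positional[0] is always the pattern, so with
    '-e PATTERN FILE' the FILE operand is mistaken for the pattern."""
    positionals, _ = split_argv(argv)
    return positionals[1:]


def file_operands_fixed(argv):
    """Corrected check: when the pattern came from an option, every
    positional operand is a file operand."""
    positionals, pattern_by_opt = split_argv(argv)
    return positionals if pattern_by_opt else positionals[1:]


def violates_stdin_only(argv, operands_fn=file_operands_fixed):
    """True if the invocation names any file other than '-' (stdin)."""
    return any(op != "-" for op in operands_fn(argv))


if __name__ == "__main__":
    bypass = ["-e", "secret", ".env"]      # the advisory's invocation shape
    print("flawed:", violates_stdin_only(bypass, file_operands_flawed))  # False (allowed)
    print("fixed: ", violates_stdin_only(bypass, file_operands_fixed))   # True (rejected)
```

The flawed variant lets '-e secret .env' through because it sees a single positional operand and assumes it is the pattern; the fixed variant knows the pattern was already supplied and rejects the operand. Note that a real check also needs to reject '-f FILE' (which reads patterns from a file) and recursive or directory-walking options, which this model does not attempt.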
Remediation
Update to OpenClaw version 2026.2.21 or later. Until the update is applied, removing 'grep' from 'tools.exec.safeBins' closes the bypass, since the flaw is only reachable when 'grep' has been added to that profile.
