OpenClaw Path Traversal Vulnerability via @-Prefixed Absolute Paths
Vulnerability
A path traversal vulnerability has been identified in OpenClaw versions prior to 2026.2.24. This vulnerability allows @-prefixed absolute paths to bypass workspace-only file-system boundary validation, creating a canonicalization mismatch. When the workspace-only option is enabled, attackers can exploit this vulnerability by using @-prefixed paths, such as @/etc/passwd, to access files outside the designated workspace boundaries.
Impact
Exploitation of this vulnerability could lead to unauthorized access to files outside the intended workspace boundary, potentially exposing sensitive information.
Reproduction
To reproduce this vulnerability, enable the 'tools.fs.workspaceOnly' option. Then, use a tool that checks workspace paths and provide an @-prefixed absolute path, such as @/etc/passwd. The tool should bypass the workspace boundary validation and allow access to the file outside the intended limits.
Remediation
Users can update to OpenClaw version 2026.2.24 or later, where this vulnerability has been fixed.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.