OpenClaw Path Traversal Vulnerability Allowing Arbitrary File Read

Vulnerability

OpenClaw versions prior to 2026.2.17 resolve the $include directive without confining its target to the designated config directory. An attacker who can modify the OpenClaw configuration can therefore point an $include at any local file the OpenClaw process user is able to read, using an absolute path, a relative path containing traversal sequences (..), or a symlink placed inside the config directory that points outside it. Files exposed this way include API keys and other credentials. Note the precondition: the attacker already needs write access to the configuration, so this is primarily a privilege-escalation and secret-disclosure step for someone who has that access or has chained it from another weakness.

Impact

Successful exploitation discloses local secrets and credentials readable by the OpenClaw process user, including API keys and private configuration material. The read is bounded by that user's filesystem permissions: files the OpenClaw process user cannot read are not exposed, so running OpenClaw as a dedicated low-privilege account limits the blast radius.

Reproduction

To reproduce, modify the OpenClaw configuration so that an $include directive targets a file outside the top-level config directory, for example '/etc/passwd' as a harmless marker. Any of the following shapes works: an absolute path, a relative path containing '..' traversal sequences, or a symlink created inside the config directory that points at the external file. Once the modified configuration is saved and loaded, OpenClaw reads the target and exposes its contents. Because the read runs as the OpenClaw process user, only files that user can read are affected.
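The mechanism described under Vulnerability and Reproduction, shown as an added example that is not OpenClaw's own code: a naive include resolver that can be steered out of the config directory by an absolute path, a '..' traversal or a symlink, beside a hardened resolver that rejects absolute targets, canonicalises the candidate (following symlinks) and requires it to sit below the canonical config root. The "$include" key syntax, the JSON config layout, the temporary directory tree and every file name are assumptions constructed for the demo.

```python
"""Illustrative $include resolver for a config loader: a naive version that can
be steered outside the config directory, beside a hardened version that cannot.
Added example code, not OpenClaw's implementation; the "$include" key syntax,
the JSON config layout and every file name below are assumptions built for the demo."""
import json
import os
import tempfile
from pathlib import Path


class IncludeEscape(Exception):
    """Raised by the hardened resolver when an $include target leaves the config root."""


def resolve_include_naive(config_root: Path, target: str) -> Path:
    """Vulnerable pattern: join and trust the target.

    An absolute target replaces config_root entirely (pathlib join semantics),
    '..' components walk out of it, and a symlink is followed wherever it points.
    """
    return config_root / target


def resolve_include_safe(config_root: Path, target: str) -> Path:
    """Hardened pattern: confine the target to the config root.

    Reject absolute targets, canonicalise root and candidate with resolve()
    (which collapses '..' and follows symlinks), then require the canonical
    candidate to sit strictly below the canonical root.
    """
    if Path(target).is_absolute():
        raise IncludeEscape(f"absolute include path rejected: {target}")
    root = config_root.resolve(strict=True)
    candidate = (root / target).resolve(strict=True)
    if root not in candidate.parents:
        raise IncludeEscape(f"include escapes config root: {target} -> {candidate}")
    return candidate


def load_config(config_path: Path, config_root: Path, resolver) -> dict:
    """Parse a JSON config and expand a top-level "$include" (assumed syntax)
    by reading the target through the given resolver."""
    data = json.loads(config_path.read_text())
    target = data.pop("$include", None)
    if target is not None:
        data["included"] = resolver(config_root, target).read_text()
    return data


def build_demo_tree() -> tuple[Path, Path]:
    """Constructed layout: <tmp>/config/ holds secrets.json and a symlink that
    points at <tmp>/outside-secret.txt, a file outside the config root."""
    tmp = Path(tempfile.mkdtemp(prefix="include-demo-"))
    root = tmp / "config"
    root.mkdir()
    outside = tmp / "outside-secret.txt"
    outside.write_text("TOKEN=constructed-secret-outside-config-dir\n")
    (root / "secrets.json").write_text("API_KEY=constructed-key-inside-config-dir\n")
    os.symlink(outside, root / "link-to-outside")
    return root, outside


def attempt(resolver, root: Path, target: str) -> str:
    """Write main.json with "$include": target, load it, and return the included
    text, or 'BLOCKED' when the resolver refuses the target."""
    cfg = root / "main.json"
    cfg.write_text(json.dumps({"$include": target, "model": "constructed"}))
    try:
        return load_config(cfg, root, resolver)["included"]
    except IncludeEscape:
        return "BLOCKED"


def run_demo() -> dict:
    """Exercise both resolvers against the four target shapes from the advisory:
    a legitimate sibling file, a '..' traversal, an absolute path and a symlink."""
    root, outside = build_demo_tree()
    targets = {
        "legit": "secrets.json",
        "traversal": "../outside-secret.txt",
        "absolute": str(outside),
        "symlink": "link-to-outside",
    }
    return {
        name: {
            "naive": attempt(resolve_include_naive, root, target),
            "safe": attempt(resolve_include_safe, root, target),
        }
        for name, target in targets.items()
    }


if __name__ == "__main__":
    for name, outcome in run_demo().items():
        print(f"{name:9s} naive={outcome['naive'].strip()!r:48s} safe={outcome['safe'].strip()!r}")
```

The order of the checks in the hardened resolver matters: the absolute-path rejection alone would not stop '..' or the symlink, and a string-prefix comparison on the un-resolved path would not stop the symlink either, which is why the containment check is made on the canonical path returned by resolve().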

Remediation

Update to OpenClaw version 2026.2.17 or later, where this vulnerability has been patched. Until the update is applied, restrict write access to the OpenClaw configuration to trusted users, and if the configuration may have been modified by an untrusted party, treat secrets readable by the OpenClaw process user as potentially exposed and rotate them.

Added: Mar 11, 2026, 2:19 PM
Updated: Mar 11, 2026, 2:19 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 3.8
remediation: 0.0
relevance: 3.8
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.