OpenClaw Path Traversal Vulnerability in Media Parsing Allowing Arbitrary File Read

Vulnerability

A path traversal vulnerability has been identified in OpenClaw versions through 2026.3.23 that do not include the fix in commit 4797bbc. The flaw is in the media parsing component: the path validation in the functions 'isLikelyLocalPath()' and 'isValidMedia()' is inadequate, so an attacker who controls a media reference can point it at files outside the intended application sandbox and have their contents read back. Files at risk include system files, environment files such as '.env', and SSH keys.

Impact

Successful exploitation gives the attacker arbitrary file read with the privileges of the OpenClaw process, unconstrained by the application sandbox. Any file that process can read is exposed, including system files, environment files that commonly hold API tokens and database credentials, and SSH private keys, so the disclosed material can enable further credential compromise.

Reproduction

Reproduction goes through the same media parsing functions, 'isLikelyLocalPath()' and 'isValidMedia()'. When the 'allowBareFilename' option is in effect, the path validation that would otherwise reject traversal sequences and home-directory references is bypassed, so a media reference can name a file outside the application sandbox. To confirm the issue on an unpatched build, supply a media reference that the original validation should have rejected, such as a traversal pattern (a path containing '../' segments) or a home-directory reference resolving to a sensitive file like '.env' or an SSH key, and observe whether its contents are returned.

Remediation

Users should update to an OpenClaw build that includes the fix in commit 4797bbc; releases through 2026.3.23 remain affected unless they carry that commit. The 'allowBareFilename' option is the identified bypass route, so until the fix is applied, media references that can come from untrusted input should not be processed with that option enabled.

Added: Mar 26, 2026, 5:46 PM
Updated: Mar 26, 2026, 5:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.8
exploitability: 8.4
remediation: 0.0
relevance: 4.7
threat: 4.8
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.