OpenClaw Allowlist Bypass Vulnerability in System.run Approvals
Vulnerability
An allowlist bypass vulnerability has been identified in OpenClaw versions prior to 2026.3.22. The issue lies in system.run approvals, where the application fails to unwrap the `time` wrapper command before checking the executable an approval is bound to. As a result, an attacker can use an unregistered `time` wrapper to bypass the executable binding restriction and reuse an existing approval state for the inner command that `time` runs.
Impact
Exploitation of this vulnerability allows for an allowlist bypass, enabling unauthorized execution of commands that would normally be restricted.
Reproduction
The vulnerability can be reproduced by creating a command that includes a time wrapper, such as '/usr/bin/time', and registering it with the system.run approval. Because the approval process does not unwrap the time wrapper, the inner command is executed without the permissions that would normally be required for it.
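As an added illustration (not OpenClaw's own code), the TypeScript below models an approval state bound to a single executable and contrasts binding to argv[0] with unwrapping the `time` wrapper first; the wrapper registry, the whitespace tokenizer and the sample commands are assumptions made for the example.

```typescript
// Added example, not OpenClaw's code. Models an approval state that is bound to one
// executable and shows why a wrapper such as `time` must be unwrapped before that
// binding is created or checked.

interface Approval { executable: string; }

// Hypothetical wrapper registry; only `time` is named in the advisory.
const WRAPPER_EXECUTABLES = new Set(["time", "/usr/bin/time"]);

// Whitespace tokenizer; quoting and other shell syntax are out of scope here.
function argvOf(command: string): string[] {
  return command.trim().split(/\s+/).filter((t) => t.length > 0);
}

// Vulnerable binding: the approval is tied to argv[0], so an approval granted for
// `/usr/bin/time` is later honoured for any inner command handed to `time`.
function naiveExecutable(command: string): string | null {
  return argvOf(command)[0] ?? null;
}

// Hardened binding: peel known wrappers until the real executable is reached.
// Returns null (deny) when the inner command cannot be determined, e.g. when the
// wrapper is followed by options this example does not parse (fail closed).
function effectiveExecutable(command: string): string | null {
  let argv = argvOf(command);
  while (argv.length > 0 && WRAPPER_EXECUTABLES.has(argv[0])) {
    argv = argv.slice(1);
    if (argv.length > 0 && argv[0].startsWith("-")) return null;
  }
  return argv[0] ?? null;
}

// Approval check: the command's executable must equal the one the approval is bound
// to. `unwrap` selects the naive (vulnerable) or the hardened resolution.
function isApproved(command: string, approval: Approval, unwrap: boolean): boolean {
  const exe = unwrap ? effectiveExecutable(command) : naiveExecutable(command);
  return exe !== null && exe === approval.executable;
}

// Constructed demonstration: an approval that was previously granted for
// `/usr/bin/time`, then presented with a wrapped inner command.
const timeApproval: Approval = { executable: "/usr/bin/time" };
const wrapped = "/usr/bin/time /usr/bin/ls -l /tmp";
console.log("naive    :", isApproved(wrapped, timeApproval, false)); // true: approval reused
console.log("unwrapped:", isApproved(wrapped, timeApproval, true));  // false: inner command checked
```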
Remediation
Users can update to OpenClaw version 2026.3.22 or later, where this vulnerability has been fixed.
