OpenClaw Path Traversal Information Disclosure Vulnerability
Vulnerability
A path traversal vulnerability allowing information disclosure has been identified in OpenClaw versions through 2026.2.19-2. The issue arises from improper validation of a user-supplied path parameter in the canvas gateway endpoint: traversal sequences in the parameter are not rejected or confined to the intended directory, so an authenticated remote attacker can read arbitrary files accessible to the gateway process. The file contents are transmitted to the connected node client via a WebSocket command, potentially exposing sensitive information such as the gateway token.
Impact
Exploitation of this vulnerability allows unauthorized reading of any file the gateway process can access, including sensitive files such as the system password file, SSH private keys, AWS credential files, or the OpenClaw configuration file containing the gateway token. Because the token authenticates clients to the gateway, its disclosure can extend an attacker's access beyond file reading.
Reproduction
The vulnerability can be reproduced by sending a WebSocket command through the OpenClaw canvas tool with a path parameter that points to a file the gateway process can access but that lies outside the canvas directory. The gateway reads the file and forwards its contents to the connected node client, which demonstrates the exfiltration path.
Remediation
OpenClaw has released a patch for this vulnerability. Users should update to version 2026.2.21 or later. Until the update is applied, treat the gateway token as potentially exposed on any instance that was reachable by untrusted authenticated clients, and rotate it after upgrading.
