Primary

Context

OpenClaw Symlink Following Vulnerability in SSH Sandbox Tar Upload Allowing Arbitrary File Write

Vulnerability

A symlink following vulnerability has been identified in OpenClaw versions prior to 2026.3.31, specifically within the SSH sandbox tar upload feature. This vulnerability allows remote attackers to write arbitrary files by uploading tar archives that contain symlinks. The symlinks can escape the sandbox environment and overwrite files on the remote host.

Impact

Exploitation of this vulnerability could lead to unauthorized overwriting of files on the remote host, potentially causing data loss or disruption of services.

Reproduction

The vulnerability can be reproduced by uploading a tar archive containing symlinks that escape the local workspace. The uploaded symlinks will be followed, allowing files to be written outside of the intended directory.

Remediation

Users can update to OpenClaw version 2026.3.31 or later, where this vulnerability has been fixed.

Added: Apr 28, 2026, 12:25 AM

Updated: Apr 28, 2026, 12:25 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.8

exploitability

6.3

remediation

0.0

relevance

6.7

threat

4.8

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.8

exploitability

6.3

remediation

0.0

relevance

6.7

threat

4.8

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

OpenClaw Symlink Following Vulnerability in SSH Sandbox Tar Upload Allowing Arbitrary File Write

Vulnerability

Impact

Reproduction

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating