OpenClaw Arbitrary Directory Deletion Vulnerability in OpenShell Mirror Mode

Vulnerability

A vulnerability allowing arbitrary directory deletion has been identified in OpenClaw versions prior to 2026.4.2. The issue lies in the OpenShell mirror backend, which accepts arbitrary absolute paths for remoteWorkspaceDir and remoteAgentWorkspaceDir without confining them to an expected location. In mirror mode, these paths are used for remote cleanup and overwrite operations. As a result, an attacker who can influence these configuration values could cause the deletion of unintended remote directory contents, which would then be replaced with uploaded workspace data.

Impact

Exploitation of this vulnerability could lead to unintended deletion of remote directory contents, causing data loss and disruption of normal operations.

Reproduction

To reproduce this vulnerability, set up an OpenClaw version prior to 2026.4.2 and configure the OpenShell plugin with arbitrary absolute paths for remoteWorkspaceDir and remoteAgentWorkspaceDir. When the application performs a mirror sync, it deletes the contents of the specified remote directories and replaces them with the uploaded workspace data, demonstrating the directory deletion vulnerability.

Remediation

Users can upgrade to OpenClaw version 2026.4.2 or later to address this vulnerability.
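The class of check that closes this issue is path confinement: refuse to run mirror-mode cleanup unless both configured directories resolve to a location strictly inside one allowed remote root. The following is an added TypeScript example written for this advisory, not OpenClaw's own code; the root /home/sandbox/workspaces, the function names and the assumption of a POSIX remote side are all illustrative.

```typescript
// Added example, not OpenClaw's own code: confine configured remote workspace
// directories to one allowed base before mirror-mode cleanup may delete anything.
import * as path from "node:path";

// Assumed root under which every remote workspace directory must live.
export const ALLOWED_REMOTE_ROOT = "/home/sandbox/workspaces";

export interface MirrorConfig {
  remoteWorkspaceDir?: string;
  remoteAgentWorkspaceDir?: string;
}

// Returns the normalized absolute path when `candidate` lies strictly inside
// `root`, otherwise null. POSIX semantics are used because the remote side is
// assumed to be a Unix sandbox; relative candidates resolve under `root`.
export function confineToRoot(candidate: string, root: string): string | null {
  const normRoot = path.posix.resolve(root);
  const normCandidate = path.posix.resolve(normRoot, candidate);
  const rel = path.posix.relative(normRoot, normCandidate);
  // Reject the root itself (rel === "") and anything that escapes it
  // ("..", "../x"); "/" and "/etc" both fall into the second case.
  if (rel === "" || rel === ".." || rel.startsWith("../")) {
    return null;
  }
  return normCandidate;
}

export interface MirrorDirs {
  workspace: string;
  agentWorkspace: string;
}

// Validate both directories up front; an invalid value aborts the sync
// instead of letting cleanup run against an arbitrary remote path.
export function validateMirrorDirs(cfg: MirrorConfig, root = ALLOWED_REMOTE_ROOT): MirrorDirs {
  const check = (name: keyof MirrorConfig): string => {
    const value = cfg[name];
    if (value === undefined) throw new Error(`${name} is not configured`);
    const confined = confineToRoot(value, root);
    if (confined === null) throw new Error(`${name} must be inside ${root}: ${value}`);
    return confined;
  };
  return {
    workspace: check("remoteWorkspaceDir"),
    agentWorkspace: check("remoteAgentWorkspaceDir"),
  };
}

// Boolean form of the same check, convenient for config validation at load time.
export function isSafeMirrorConfig(cfg: MirrorConfig, root = ALLOWED_REMOTE_ROOT): boolean {
  try { validateMirrorDirs(cfg, root); return true; } catch { return false; }
}
```

Note that the check rejects the root itself as well, so a misconfiguration can never wipe the whole allowed base.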

Added: Apr 28, 2026, 9:40 PM
Updated: Apr 28, 2026, 9:40 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 7.7
remediation: 0.0
relevance: 6.9
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.