OpenClaw Shell Expansion Bypass Vulnerability in Unquoted Heredocs Allowing Exec Allowlist Bypass
Vulnerability
A vulnerability in OpenClaw versions prior to 2026.4.22 allows shell expansion tokens placed inside an unquoted heredoc body to escape exec allowlist analysis. The analysis approves a command on the basis of the program it invokes and treats the heredoc body as inert data, but a heredoc whose delimiter is unquoted (<<EOF rather than <<'EOF') is subject to parameter expansion ($VAR), command substitution ($(...) and backquotes) and arithmetic expansion when the shell runs it. An attacker who controls the command text can therefore embed commands in the body that the shell evaluates at runtime, after the allowlist check has already passed.
Impact
An attacker able to submit commands for exec allowlist approval can cause unauthorized commands to execute: expansions hidden in an unquoted heredoc body are not seen by the allowlist validation but are evaluated by the shell at runtime. Depending on what the expansions do, this can result in unauthorized actions or in disclosure of information such as environment variable contents.
Reproduction
The vulnerability can be reproduced by submitting a command that names an allowlisted program and feeds it an unquoted heredoc whose body contains shell expansion tokens, for example a parameter reference such as $HOME or a command substitution such as $(id). The allowlist analysis approves the command, and when the shell delivers the heredoc to the program it performs the expansions, so the substituted command runs and its output reaches the program. Submitting the same body with a quoted delimiter (<<'EOF') produces no expansion, which confirms that delimiter quoting is the condition the analysis fails to account for.
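The following example is added here to illustrate the mechanism; it is not OpenClaw's analyzer or any other code from the project. The allowlist contents (cat, echo, tee), the two sample commands, and the function names are assumptions made for the illustration. It contrasts a naive check that approves a command on its program name alone with a hardened check that additionally locates each heredoc, decides from the delimiter whether the body will expand, and rejects expansion tokens in unquoted bodies; a small helper runs the command with sh so the runtime expansion can be observed.

```python
"""Added example: why an unquoted heredoc body slips past a first-word allowlist.

Illustrative code, not OpenClaw's analyzer.  The allowlist contents, the
sample commands and the function names are assumptions made here.
"""
from __future__ import annotations

import re
import subprocess

# Assumed illustrative allowlist of permitted programs.
ALLOWLIST = {"cat", "echo", "tee"}

# A heredoc operator and its delimiter word.  The delimiter may be written as
# EOF, 'EOF', "EOF" or \EOF; any quoting on the delimiter tells the shell NOT to
# expand the body.  (Mixed forms such as E'O'F are not handled.)
HEREDOC_RE = re.compile(r"<<(-?)\s*(?P<word>'[^']*'|\"[^\"]*\"|\\?[A-Za-z0-9_]+)")

# Anything the shell expands in an unquoted body ($VAR, ${VAR}, $(cmd), $((expr))
# and backquoted commands) starts with '$' or '`'.  A preceding backslash escapes
# the character, so it is excluded.  Deliberately conservative: no attempt is
# made to decide whether a bare '$' would really expand.
EXPANSION_RE = re.compile(r"(?<!\\)[$`]")


def find_heredocs(command: str) -> list[dict]:
    """Return each heredoc in the command with its delimiter, quoting and body."""
    lines = command.split("\n")
    found: list[dict] = []
    i = 0
    while i < len(lines):
        pending = []
        for m in HEREDOC_RE.finditer(lines[i]):
            raw = m.group("word")
            quoted = raw[0] in "'\"\\"
            delim = raw[1:-1] if raw[0] in "'\"" else raw.lstrip("\\")
            pending.append((delim, quoted, m.group(1) == "-"))
        i += 1
        # Bodies of several heredocs on one line follow in order, each ending at
        # a line equal to its delimiter (<<- also strips leading tabs).
        for delim, quoted, strip_tabs in pending:
            body: list[str] = []
            while i < len(lines):
                text = lines[i].lstrip("\t") if strip_tabs else lines[i]
                i += 1
                if text == delim:
                    break
                body.append(text)
            found.append({"delimiter": delim, "quoted": quoted, "body": "\n".join(body)})
    return found


def naive_allowlist_check(command: str) -> bool:
    """Pre-fix style check: decide on the program name alone and ignore the rest."""
    words = command.split("\n", 1)[0].split()
    return bool(words) and words[0] in ALLOWLIST


def hardened_allowlist_check(command: str) -> tuple[bool, list[str]]:
    """Also reject expansion tokens inside unquoted heredoc bodies; quoted bodies are inert."""
    reasons: list[str] = []
    if not naive_allowlist_check(command):
        reasons.append("program is not on the allowlist")
    for h in find_heredocs(command):
        if h["quoted"]:
            continue
        for m in EXPANSION_RE.finditer(h["body"]):
            snippet = h["body"][m.start():m.start() + 12]
            reasons.append(f"unquoted heredoc <<{h['delimiter']} expands at runtime: {snippet!r}")
    return (not reasons, reasons)


# Constructed sample commands.  Both invoke an allowlisted program; only the
# delimiter quoting differs, and that alone decides whether $HOME and $(id -un)
# expand when sh runs the command.
UNQUOTED_CMD = "cat <<EOF\nhome=$HOME\nwho=$(id -un)\nEOF\n"
QUOTED_CMD = "cat <<'EOF'\nhome=$HOME\nwho=$(id -un)\nEOF\n"


def run_in_shell(command: str) -> str:
    """Execute the command with sh and return its stdout (demonstration only)."""
    return subprocess.run(["sh", "-c", command], capture_output=True, text=True, check=True).stdout


if __name__ == "__main__":
    for cmd in (UNQUOTED_CMD, QUOTED_CMD):
        print("naive:", naive_allowlist_check(cmd), "hardened:", hardened_allowlist_check(cmd))
        print(run_in_shell(cmd), end="")
```

Running the script prints the unquoted command approved by the naive check and rejected by the hardened one, followed by sh's output in which $HOME and $(id -un) have been replaced by the real home directory and user name; the quoted command is approved by both checks and cat prints the body verbatim.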
Remediation
Upgrade to OpenClaw version 2026.4.22 or later, where this vulnerability is fixed. Deployments that cannot upgrade immediately should treat any command containing an unquoted heredoc delimiter as requiring manual review, since its body may expand at runtime regardless of what the allowlist check concluded.
