Description
OpenClaw versions prior to 2026.2.13 contain a vulnerability in the browser control API in which it accepts user-supplied output paths for trace and download files without consistently constraining writes to temporary directories. Attackers with API access can exploit path traversal in POST /trace/stop, POST /wait/download, and POST /download endpoints to write files outside intended temp roots.
Published: 2026-03-05
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary File Write via Path Traversal
Action: Apply Patch
AI Analysis

Impact

OpenClaw, prior to version 2026.2.13, permits user-supplied filenames in its browser control API to be written to disk without sufficient confinement to temporary directories. The flaw allows an attacker to supply a crafted path that traverses outside the intended temporary root, enabling writes to arbitrary locations on the filesystem. If the attacker can overwrite executable or configuration files, this could lead to remote code execution or broader system compromise.

Affected Systems

The vulnerability affects all OpenClaw releases before 2026.2.13. Specifically, any deployment that exposes the vulnerable API endpoints for trace or download operations is at risk.

Risk and Exploitability

The CVSS score of 8.7 indicates high severity, while an EPSS score of less than 1% suggests low but non-zero likelihood of exploitation. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires access to the OpenClaw API endpoints, such as POST /trace/stop, POST /wait/download, and POST /download. An attacker can craft path traversal payloads to place files outside the temporary directory, potentially overwriting critical files if permissions allow.

Generated by OpenCVE AI on April 16, 2026 at 12:02 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update OpenClaw to version 2026.2.13 or later
  • If an upgrade is not immediately feasible, limit API access to trusted internal networks and disable or restrict the /trace and /download endpoints until a patch is applied
  • Apply the upstream patch by cherry‑picking commit 7f0489e4731c8d965d78d6eac4a60312e46a9426 from the OpenClaw repository or edit the source to enforce proper path sanitization before writing files

Generated by OpenCVE AI on April 16, 2026 at 12:02 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-gq9c-wg68-gwj2 OpenClaw has a path traversal in browser trace/download output paths may allow arbitrary file writes
History

Mon, 09 Mar 2026 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 05 Mar 2026 22:15:00 +0000

Type Values Removed Values Added
Description OpenClaw versions prior to 2026.2.13 contain a vulnerability in the browser control API in which it accepts user-supplied output paths for trace and download files without consistently constraining writes to temporary directories. Attackers with API access can exploit path traversal in POST /trace/stop, POST /wait/download, and POST /download endpoints to write files outside intended temp roots.
Title OpenClaw < 2026.2.13 - Path Traversal in Trace and Download Output Paths
First Time appeared Openclaw
Openclaw openclaw
Weaknesses CWE-22
CPEs cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
Vendors & Products Openclaw
Openclaw openclaw
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

Openclaw Openclaw
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-09T17:26:51.144Z

Reserved: 2026-02-27T19:18:20.638Z

Link: CVE-2026-28462

cve-icon Vulnrichment

Updated: 2026-03-09T17:25:12.944Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-05T22:16:18.873

Modified: 2026-03-09T17:32:54.197

Link: CVE-2026-28462

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T12:15:35Z

Weaknesses