Impact
The vulnerability allows an attacker to inject arbitrary shell commands into the scp remote operand via unsanitized iMessage staging, the paths are passed directly to the command without validation, enabling remote command execution on the configured host. This can compromise confidentiality, integrity, and availability of the remote system.
Affected Systems
Affected systems are all installations of OpenClaw prior to version 2026.3.13. The flaw resides in the SCP component used by the iMessage attachment staging flow. Any deployment that has remote attachment staging enabled is susceptible.
Risk and Exploitability
The CVSS score of 9.2 classifies this flaw as critical. The EPSS score of 2% indicates a moderate probability of exploitation, corroborating the high score and suggesting that attacks are likely if the remote host can be configured for attachment staging. The vulnerability is not listed in the CISA KEV catalog but its nature and score warrant immediate attention. Attackers with ability to influence the attachment staging configuration can trigger the injection, resulting in arbitrary command execution.
OpenCVE Enrichment