Skip to main content

SSH CVE-2026-25157

HIGH
OS Command Injection (CWE-78)
2026-02-04 security-advisories@github.com GHSA-q284-4pvr-m585
7.7
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
7.7 HIGH
AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
CVE Published
Feb 04, 2026 - 20:16 nvd
HIGH 7.7

DescriptionGitHub Advisory

OpenClaw is a personal AI assistant. Prior to version 2026.1.29, there is an OS command injection vulnerability via the Project Root Path in sshNodeCommand. The sshNodeCommand function constructed a shell script without properly escaping the user-supplied project path in an error message. When the cd command failed, the unescaped path was interpolated directly into an echo statement, allowing arbitrary command execution on the remote SSH host. The parseSSHTarget function did not validate that SSH target strings could not begin with a dash. An attacker-supplied target like -oProxyCommand=... would be interpreted as an SSH configuration flag rather than a hostname, allowing arbitrary command execution on the local machine. This issue has been patched in version 2026.1.29.

AnalysisAI

OpenClaw AI assistant versions prior to 2026.1.29 contain two command injection vulnerabilities: unescaped user input in SSH project paths allows remote code execution on SSH hosts, and insufficient validation of SSH target parameters enables local command execution through malicious flag injection. An attacker can exploit these flaws to achieve arbitrary code execution either remotely via SSH or locally on the system running OpenClaw.

Technical ContextAI

Classified as CWE-78 (OS Command Injection). Affects Openclaw. OpenClaw is a personal AI assistant. Prior to version 2026.1.29, there is an OS command injection vulnerability via the Project Root Path in sshNodeCommand. The sshNodeCommand function constructed a shell script without properly escaping the user-supplied project path in an error message. When the cd command failed, the unescaped path was interpolated directly into an echo statement, allowing arbitrary command execution on the remote SSH host. The parseSSHTarget function did not validate that SS

RemediationAI

Fixed in version 2026.1.29..

More in SSH

View all
CVE-2014-6271 CRITICAL POC
9.8 Sep 24

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which

CVE-2014-6278 HIGH POC
8.8 Sep 30

GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, whi

CVE-2014-7169 CRITICAL POC
9.8 Sep 25

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of

CVE-2012-6066 CRITICAL POC
9.3 Dec 04

freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers to bypass authentication via a crafted session, as demons

CVE-2014-6277 CRITICAL POC
10.0 Sep 27

GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, whi

CVE-2023-25136 MEDIUM POC
6.5 Feb 03

OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. Rated medium se

CVE-2016-6210 MEDIUM POC
5.9 Feb 13

sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static

CVE-2015-5600 HIGH POC
8.1 Aug 03

The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processin

CVE-2016-6515 HIGH POC
7.5 Aug 07

The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password a

CVE-2024-6387 HIGH POC
8.1 Jul 01

Remote code execution in OpenSSH's sshd server (regression of CVE-2006-5051) allows unauthenticated remote attackers to

CVE-2012-5975 CRITICAL POC
9.3 Dec 04

The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server 6.0.4 through 6.0.20, 6.1.0 through 6.1.12, 6.2.0 through 6

CVE-2023-48795 MEDIUM POC
5.9 Dec 18

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remot

Share

CVE-2026-25157 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy