CVE-2026-25593
HIGH
GHSA-g55j-c2v4-pjcg
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3Description
OpenClaw is a personal AI assistant. Prior to 2026.1.20, an unauthenticated local client could use the Gateway WebSocket API to write config via config.apply and set unsafe cliPath values that were later used for command discovery, enabling command injection as the gateway user. This vulnerability is fixed in 2026.1.20.
Analysis
OpenClaw prior to version 2026.1.20 allows local unauthenticated attackers to execute arbitrary commands as the gateway user by exploiting the WebSocket API to inject malicious command paths through the config.apply function. The vulnerability stems from insufficient validation of the cliPath parameter, which is subsequently used for command discovery without proper sanitization. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all OpenClaw deployments and document version numbers; isolate affected systems from production networks if feasible. Within 7 days: Implement network segmentation to restrict local access to the Gateway WebSocket API; disable the config.apply functionality if operationally possible; enable enhanced logging of WebSocket API calls. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today