EUVD-2026-13037
GHSA-6f6j-wx9w-ff4j
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
Lifecycle Timeline
4Description
OpenClaw versions 2026.2.26 prior to 2026.3.1 on Windows contain a current working directory injection vulnerability in wrapper resolution for .cmd/.bat files that allows attackers to influence execution behavior through cwd manipulation. Remote attackers can exploit improper shell execution fallback mechanisms to achieve command execution integrity loss by controlling the current working directory during wrapper resolution.
Analysis
OpenClaw versions prior to 2026.3.1 contain a current working directory (cwd) injection vulnerability in Windows wrapper resolution for .cmd/.bat files that allows local attackers to manipulate command execution through directory control during shell fallback mechanisms. An authenticated local attacker with low privileges can exploit this vulnerability to achieve command execution integrity loss by controlling the working directory, potentially leading to unauthorized code execution or privilege escalation. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 30 days: Identify affected systems running a current working directory injection vulnerability in wrapp and apply vendor patches as part of regular patch cycle. Validate input sanitization for user-controlled parameters.
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today