CVE-2026-35668

EUVD-2026-21482, HIGH, CVSS 4.0 score 7.1
2026-04-10, VulnCheck, GHSA-hr5v-j9h9-xjhg
CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: X

Lifecycle Timeline

Patch Released: Apr 10, 2026 - 20:30 (nvd), patch available
EUVD ID Assigned: Apr 10, 2026 - 16:30 (euvd), EUVD-2026-21482
Analysis Generated: Apr 10, 2026 - 16:30 (vuln.today)
CVE Published: Apr 10, 2026 - 16:03 (nvd), HIGH 7.1

Description

OpenClaw before 2026.3.24 contains a path traversal vulnerability in sandbox enforcement allowing sandboxed agents to read arbitrary files from other agents' workspaces via unnormalized mediaUrl or fileUrl parameter keys. Attackers can exploit incomplete parameter validation in normalizeSandboxMediaParams and missing mediaLocalRoots context to access sensitive files including API keys and configuration data outside designated sandbox roots.
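A root-containment check of the kind the description says was incomplete, as an added example (not OpenClaw's code or its actual fix). The function names, the `agent-a`/`agent-b` workspace layout and the sample values are hypothetical; it also covers the symlink case, which goes beyond what the description states.

```javascript
// Added example; all names are hypothetical, not OpenClaw source code.
const fs = require("node:fs");
const os = require("node:os");
const path = require("node:path");
const { fileURLToPath } = require("node:url");

// Both parameter keys named in the advisory go through the same check.
const PATH_KEYS = ["mediaUrl", "fileUrl"];

function isInside(root, target) {
  const rel = path.relative(root, target);
  return rel !== ".." && !rel.startsWith(".." + path.sep) && !path.isAbsolute(rel);
}

function resolveInsideRoot(value, sandboxRoot) {
  const root = fs.realpathSync(sandboxRoot);
  const raw = value.startsWith("file://") ? fileURLToPath(value) : value;
  const lexical = path.resolve(root, raw); // collapses "../" segments
  if (!isInside(root, lexical)) throw new Error("escapes sandbox root: " + value);
  const real = fs.realpathSync(lexical); // follows symlinks, throws if missing
  if (!isInside(root, real)) throw new Error("symlink escapes sandbox root: " + value);
  return real;
}

function normalizeParams(params, sandboxRoot) {
  const out = { ...params };
  for (const key of PATH_KEYS) {
    const v = out[key];
    if (typeof v !== "string" || /^https?:\/\//i.test(v)) continue; // remote URL
    out[key] = resolveInsideRoot(v, sandboxRoot);
  }
  return out;
}

// Constructed workspaces: agent-a is the caller, agent-b holds a fake secret.
function demo() {
  const base = fs.realpathSync(fs.mkdtempSync(path.join(os.tmpdir(), "sbx-")));
  const a = path.join(base, "agent-a"), b = path.join(base, "agent-b");
  fs.mkdirSync(a); fs.mkdirSync(b);
  fs.writeFileSync(path.join(a, "pic.png"), "img");
  fs.writeFileSync(path.join(b, "config.json"), '{"apiKey":"CONSTRUCTED"}');
  fs.symlinkSync(path.join(b, "config.json"), path.join(a, "link"));
  const attempt = (p) => { try { return normalizeParams(p, a); } catch { return "rejected"; } };
  return {
    own: attempt({ mediaUrl: "pic.png" }).mediaUrl === path.join(a, "pic.png"),
    dotdot: attempt({ mediaUrl: "../agent-b/config.json" }),
    fileUrl: attempt({ fileUrl: "file://" + path.join(b, "config.json") }),
    symlink: attempt({ fileUrl: "link" }),
  };
}
```

The check fails closed: a value that cannot be resolved to an existing file inside the caller's root is rejected rather than passed through.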

Analysis

Path traversal in OpenClaw before 2026.3.24 allows authenticated sandboxed agents to read arbitrary files from other agents' workspaces via unnormalized mediaUrl or fileUrl parameters. Incomplete validation in normalizeSandboxMediaParams and missing mediaLocalRoots context enable attackers to bypass sandbox boundaries and access sensitive data including API keys and configuration files outside designated roots. …

Remediation

Within 24 hours: Inventory all OpenClaw deployments and document current versions in use; disable or restrict low-privilege account access to multi-agent environments where feasible. Within 7 days: Contact OpenClaw vendor for patch availability timeline and interim security guidance; implement network segmentation to isolate agent workspaces if architectural changes are possible. …

Priority Score

36
KEV: 0
EPSS: +0.1
CVSS: +36
POC: 0
