CVE-2026-24763
Command Injection in OpenClaw Docker Sandbox via PATH Variable
Publication date: 2026-02-02
Last updated on: 2026-02-13
Assigner: GitHub, Inc.
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openclaw | openclaw | up to 2026.1.29 (excluded) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability in OpenClaw's Docker sandbox execution mechanism allows an authenticated user to execute arbitrary commands inside the container by manipulating the PATH environment variable. This can lead to unauthorized access to the container's filesystem and environment variables, potentially exposing sensitive data.

Such unauthorized access and potential data exposure could negatively impact compliance with data protection standards and regulations like GDPR and HIPAA, which require strict controls over the confidentiality and integrity of sensitive personal and health information.

By enabling command injection and possible data exposure, this vulnerability increases the risk of data breaches and unauthorized data manipulation, which are critical compliance concerns under these regulations.

The fix implemented in version 2026.1.29 mitigates this risk by safely handling the PATH environment variable to prevent command injection, thereby helping to maintain compliance with such standards by protecting data confidentiality and integrity. [2, 3]
What immediate steps should I take to mitigate this vulnerability?
Update OpenClaw to version 2026.1.29 or later, as this version contains the fix for the command injection vulnerability in the Docker sandbox execution mechanism. Additionally, restrict authenticated user access to environment variable controls to prevent exploitation.
Can you explain this vulnerability to me?
This vulnerability is a command injection flaw in OpenClaw's Docker sandbox execution mechanism. It occurs because the software unsafely handles the PATH environment variable when constructing shell commands. An authenticated user who can control environment variables could manipulate command execution within the container, potentially running arbitrary commands.
How can this vulnerability impact me?
This vulnerability can allow an authenticated user to execute arbitrary commands within the Docker container running OpenClaw. This can lead to full compromise of the container environment, including unauthorized access, data modification, or disruption of service.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves unsafe handling of the PATH environment variable in OpenClaw's Docker sandbox execution mechanism, allowing command injection by an authenticated user controlling environment variables.

To detect if your system is vulnerable, you should check the version of OpenClaw installed and whether it is prior to the fixed version 2026.1.29.

Additionally, you can inspect Docker container execution commands or environment variable settings related to PATH to see if unsafe interpolation is occurring.

Since the vulnerability is related to environment variable injection in Docker commands, you can look for suspicious environment variable manipulations or shell commands that include direct PATH interpolation.

No explicit detection commands are provided in the resources, but general approaches include:

- Check OpenClaw version: `openclaw --version` or check package version in your environment to confirm if it is older than 2026.1.29.
- Review Docker container environment variables for PATH manipulation: `docker inspect <container_id> | grep PATH`.
- Audit running processes or scripts that invoke Docker with environment variables, looking for direct PATH interpolation in shell commands.
- Monitor logs or command executions for unexpected or injected commands that could indicate exploitation attempts.

For a more precise detection, you may need to review your OpenClaw deployment and source code or configuration to ensure it uses the fixed method of passing PATH via the CLAWDBOT_PREPEND_PATH environment variable instead of direct shell interpolation. [1, 2]
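The interpolation pattern the advisory describes, beside a hardened form that passes the value through CLAWDBOT_PREPEND_PATH as its own argv element, plus a check over a container's Env list for the detection question above. This is an added illustration, not OpenClaw's own code: the docker argv layout, the helper names and the validation rule are assumptions, and the sample Env entries are constructed.

```python
import re
from typing import List

# Only ':'-separated absolute directories are accepted as a PATH fragment.
_PATH_ENTRY = re.compile(r"^/[A-Za-z0-9._/@+-]*$")
# Characters that must never reach a shell-parsed command string.
_SHELL_META = set(";&|`$<>(){}\n\\\"' \t")


def validate_prepend_path(value: str) -> bool:
    """True only for ':'-joined absolute paths with no shell metacharacters."""
    if not value or any(c in _SHELL_META for c in value):
        return False
    return all(_PATH_ENTRY.match(entry) for entry in value.split(":"))


def build_exec_unsafe(container: str, prepend: str, cmd: str) -> List[str]:
    """The CWE-78 pattern: the caller-controlled value is pasted into a string
    that `sh -c` parses, so any metacharacter in it becomes shell syntax."""
    return ["docker", "exec", container, "sh", "-c",
            f"export PATH={prepend}:$PATH; {cmd}"]


def build_exec_hardened(container: str, prepend: str, cmd: List[str]) -> List[str]:
    """Hardened form (assumed layout): the validated value is a single argv
    element given to docker with -e, and the command is an argv list, so no
    shell ever interprets the PATH fragment."""
    if not validate_prepend_path(prepend):
        raise ValueError("rejected PATH fragment")
    return ["docker", "exec", "-e", f"CLAWDBOT_PREPEND_PATH={prepend}",
            container, *cmd]


def audit_container_env(env: List[str]) -> List[str]:
    """Detection helper: given the Env list from `docker inspect`, return the
    PATH-related entries that carry shell metacharacters or non-path data."""
    flagged = []
    for entry in env:
        name, _, value = entry.partition("=")
        if name in ("PATH", "CLAWDBOT_PREPEND_PATH") and not validate_prepend_path(value):
            flagged.append(entry)
    return flagged


if __name__ == "__main__":
    # Constructed sample of what `docker inspect` Env might contain.
    sample_env = ["PATH=/usr/local/bin:/usr/bin:/bin",
                  "CLAWDBOT_PREPEND_PATH=/opt/tools/bin", "HOME=/root"]
    print("flagged:", audit_container_env(sample_env))
```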