CVE-2026-25593
Command Injection via Unsafe cliPath in OpenClaw Gateway API
Publication date: 2026-02-06
Last updated on: 2026-02-13
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openclaw | openclaw | to 2026.1.20 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': "CVE-2026-25593 is a high-severity vulnerability in the OpenClaw personal AI assistant prior to version 2026.1.20. It allows an unauthenticated local attacker to exploit the Gateway WebSocket API's config.apply method by writing unsafe cliPath values into the configuration. These unsafe values are later used during command discovery in shell commands without proper sanitization, enabling command injection."}, {'type': 'paragraph', 'content': 'This means an attacker with local access can execute arbitrary commands with the privileges of the gateway process user without needing any authentication or user interaction.'}] [1]
How can this vulnerability impact me? :
[{'type': 'paragraph', 'content': "This vulnerability can lead to a full compromise of the gateway process, including confidentiality, integrity, and availability. An attacker can execute arbitrary commands on the system with the gateway user's privileges, potentially leading to unauthorized data access, modification, or disruption of services."}] [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': "This vulnerability is exploitable only by an unauthenticated local client on the same machine via the Gateway WebSocket API's config.apply method. Detection involves checking for unauthorized or suspicious use of this API to write configuration with unsafe cliPath values."}, {'type': 'paragraph', 'content': 'Since the vulnerability involves command injection through unsafe cliPath values, monitoring or logging WebSocket API calls to config.apply for unusual or unexpected cliPath entries can help detect exploitation attempts.'}, {'type': 'paragraph', 'content': 'Specific commands to detect exploitation are not provided in the available resources.'}] [1]
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation is to upgrade OpenClaw to version 2026.1.20 or later, where this vulnerability is fixed.
If an immediate upgrade is not possible, it is recommended to enable gateway authentication by setting gateway.auth to prevent unauthenticated access to the Gateway WebSocket API.
Additionally, avoid using custom cliPath values in the configuration to reduce the risk of command injection.