CVE-2026-22171
Received Received - Intake
Path Traversal in OpenClaw Feishu Media Download Allows Arbitrary File Write

Publication date: 2026-03-18

Last updated on: 2026-03-19

Assigner: VulnCheck

Description
OpenClaw versions prior to 2026.2.19 contain a path traversal vulnerability in the Feishu media download flow where untrusted media keys are interpolated directly into temporary file paths in extensions/feishu/src/media.ts. An attacker who can control Feishu media key values returned to the client can use traversal segments to escape os.tmpdir() and write arbitrary files within the OpenClaw process permissions.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-18
Last Modified
2026-03-19
Generated
2026-06-16
AI Q&A
2026-03-18
EPSS Evaluated
2026-06-15
NVD
CVE-2026-22171
EUVD
EUVD-2026-12714
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw to 2026.2.19 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Impact Analysis

This vulnerability allows an attacker who can control Feishu media key values to write arbitrary files anywhere on the file system within the permissions of the OpenClaw process. This can lead to overwriting critical system files, injecting malicious files, or otherwise manipulating the file system in unauthorized ways.

Because the attack requires no privileges or user interaction and can be performed remotely over the network, it poses a significant risk. The impact includes high confidentiality loss (e.g., exposure or modification of sensitive files) and integrity loss (e.g., unauthorized file modifications), although availability impact is not significant.

Compliance Impact

I don't know

Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2026-22171 is a path traversal vulnerability in OpenClaw\'s Feishu media download flow. The issue arises because untrusted Feishu media keys (such as imageKey and fileKey) were directly embedded into temporary file paths without proper validation or sanitization. This allowed attackers who can control these media keys to include path traversal sequences (e.g., "../") that escape the system\'s temporary directory (os.tmpdir()) and write arbitrary files anywhere the OpenClaw process has permission.'}, {'type': 'paragraph', 'content': 'The vulnerability was fixed by removing user-controlled keys from temporary file names and replacing them with cryptographically secure random UUIDs, isolating each download in its own temporary directory created securely with mkdtemp, and adding strict validation and normalization of media keys to reject unsafe inputs. These changes prevent attackers from influencing file paths to perform directory traversal and arbitrary file writes.'}] [1, 3, 4, 5]

Detection Guidance

[{'type': 'paragraph', 'content': 'Detection of this vulnerability involves identifying if your OpenClaw installation is a version prior to 2026.2.19 and if it uses the vulnerable Feishu media download flow that interpolates untrusted media keys directly into temporary file paths.'}, {'type': 'paragraph', 'content': 'Since the vulnerability is related to path traversal via untrusted media keys in temporary file paths, you can monitor for suspicious file writes outside the system temporary directory (os.tmpdir()) by the OpenClaw process.'}, {'type': 'paragraph', 'content': 'Suggested commands to detect potential exploitation or presence of the vulnerability include:'}, {'type': 'list_item', 'content': 'Check OpenClaw version installed: `openclaw --version` or inspect package.json or installed package metadata to confirm if the version is prior to 2026.2.19.'}, {'type': 'list_item', 'content': 'Monitor file system writes by the OpenClaw process outside the system temporary directory, for example using auditd or inotify tools on Linux.'}, {'type': 'list_item', 'content': 'Search for files created by OpenClaw in unexpected locations, especially those with names containing suspicious path traversal patterns or unusual timestamps.'}, {'type': 'list_item', 'content': "Review logs or network traffic for Feishu media keys containing path traversal sequences such as '../' or '..\\'."}, {'type': 'list_item', 'content': 'If you have access to the source code or runtime environment, check if temporary file paths for Feishu media downloads include user-controlled keys or if they use secure random UUIDs as per the patched code.'}] [1, 3, 4, 5]

Mitigation Strategies

The primary mitigation is to upgrade OpenClaw to version 2026.2.19 or later, where the vulnerability has been fixed.

The fix involves several key changes:

  • Replace user-controlled media keys in temporary file paths with cryptographically secure random UUIDs to prevent path traversal.
  • Isolate temporary file writes by creating dedicated temporary directories using secure methods like `fs.promises.mkdtemp` within the system temporary directory.
  • Validate and normalize all external Feishu media keys before use, rejecting keys containing path traversal sequences, control characters, or invalid formats.
  • Ensure that temporary files are cleaned up properly after use to avoid leftover files that could be exploited.

If immediate upgrade is not possible, consider implementing strict input validation on Feishu media keys and monitoring file system activity for suspicious writes as a temporary mitigation.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-22171. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart