CVE-2026-22171
Status: Received (Intake)
Path Traversal in OpenClaw Feishu Media Download Allows Arbitrary File Write

Publication date: 2026-03-18

Last updated on: 2026-03-19

Assigner: VulnCheck

Description
OpenClaw versions prior to 2026.2.19 contain a path traversal vulnerability in the Feishu media download flow where untrusted media keys are interpolated directly into temporary file paths in extensions/feishu/src/media.ts. An attacker who can control Feishu media key values returned to the client can use traversal segments to escape os.tmpdir() and write arbitrary files within the OpenClaw process permissions.
Affected Vendors & Products
Vendor: openclaw; Product: openclaw; Version: up to 2026.2.19 (excluding)
CWE
CWE-22: The product uses external input to construct a pathname that is intended to identify a file or directory located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause it to resolve to a location outside of the restricted directory.
AI Powered Q&A
How can this vulnerability impact me?

This vulnerability allows an attacker who can control Feishu media key values to write arbitrary files anywhere on the file system within the permissions of the OpenClaw process. This can lead to overwriting critical system files, injecting malicious files, or otherwise manipulating the file system in unauthorized ways.

Because the attack requires no privileges or user interaction and can be performed remotely over the network, it poses a significant risk. The impact includes high confidentiality loss (e.g., exposure or modification of sensitive files) and integrity loss (e.g., unauthorized file modifications), although availability impact is not significant.

Source: [1, 3, 5]

How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


Can you explain this vulnerability to me?

CVE-2026-22171 is a path traversal vulnerability in OpenClaw's Feishu media download flow. The issue arises because untrusted Feishu media keys (such as imageKey and fileKey) were directly embedded into temporary file paths without proper validation or sanitization. This allowed attackers who can control these media keys to include path traversal sequences (e.g., "../") that escape the system's temporary directory (os.tmpdir()) and write arbitrary files anywhere the OpenClaw process has permission.

The vulnerability was fixed by removing user-controlled keys from temporary file names and replacing them with cryptographically secure random UUIDs, isolating each download in its own temporary directory created securely with mkdtemp, and adding strict validation and normalization of media keys to reject unsafe inputs. These changes prevent attackers from influencing file paths to perform directory traversal and arbitrary file writes.

Source: [1, 3, 4, 5]

How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection of this vulnerability involves identifying if your OpenClaw installation is a version prior to 2026.2.19 and if it uses the vulnerable Feishu media download flow that interpolates untrusted media keys directly into temporary file paths.

Since the vulnerability is related to path traversal via untrusted media keys in temporary file paths, you can monitor for suspicious file writes outside the system temporary directory (os.tmpdir()) by the OpenClaw process.

Suggested commands to detect potential exploitation or presence of the vulnerability include:

  • Check OpenClaw version installed: `openclaw --version` or inspect package.json or installed package metadata to confirm if the version is prior to 2026.2.19.
  • Monitor file system writes by the OpenClaw process outside the system temporary directory, for example using auditd or inotify tools on Linux.
  • Search for files created by OpenClaw in unexpected locations, especially those with names containing suspicious path traversal patterns or unusual timestamps.
  • Review logs or network traffic for Feishu media keys containing path traversal sequences such as '../' or '..\'.
  • If you have access to the source code or runtime environment, check if temporary file paths for Feishu media downloads include user-controlled keys or if they use secure random UUIDs as per the patched code.

Source: [1, 3, 4, 5]

What immediate steps should I take to mitigate this vulnerability?

The primary mitigation is to upgrade OpenClaw to version 2026.2.19 or later, where the vulnerability has been fixed.

The fix involves several key changes:

  • Replace user-controlled media keys in temporary file paths with cryptographically secure random UUIDs to prevent path traversal.
  • Isolate temporary file writes by creating dedicated temporary directories using secure methods like `fs.promises.mkdtemp` within the system temporary directory.
  • Validate and normalize all external Feishu media keys before use, rejecting keys containing path traversal sequences, control characters, or invalid formats.
  • Ensure that temporary files are cleaned up properly after use to avoid leftover files that could be exploited.

If immediate upgrade is not possible, consider implementing strict input validation on Feishu media keys and monitoring file system activity for suspicious writes as a temporary mitigation.

Source: [1, 2, 4, 5]
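The fix described above (random UUID file names, a per-download mkdtemp directory, key validation, cleanup), shown beside the vulnerable shape, as an added TypeScript example that is not OpenClaw's code; the key grammar, the function names and the reconstruction of the vulnerable pattern are assumptions:

```typescript
import * as os from "node:os";
import * as path from "node:path";
import { mkdtempSync, rmSync } from "node:fs";
import { randomUUID } from "node:crypto";

// Assumed key grammar (not Feishu's documented format): a short opaque token.
// It admits no '/', '\', '.', NUL or other control characters, so "../" and
// "..\" sequences fail validation outright.
const MEDIA_KEY_RE = /^[A-Za-z0-9_-]{1,128}$/;
const EXT_RE = /^\.[a-z0-9]{1,8}$/;

// Vulnerable shape (hypothetical reconstruction): the untrusted key becomes
// part of the file name, so a key carrying traversal segments leaves tmpdir.
export function unsafeTempPath(mediaKey: string, ext: string): string {
  return path.join(os.tmpdir(), `${mediaKey}${ext}`);
}

export function isValidMediaKey(key: string): boolean {
  return MEDIA_KEY_RE.test(key);
}

// Is `target`, after resolution, strictly inside `base`? Serves both as a
// defence-in-depth check and as a detection test for writes outside tmpdir.
export function isWithin(base: string, target: string): boolean {
  const rel = path.relative(path.resolve(base), path.resolve(target));
  if (rel === "" || path.isAbsolute(rel)) return false;
  return rel !== ".." && !rel.startsWith(`..${path.sep}`);
}

// Hardened shape: validate the key, then derive the path from a fresh
// mkdtemp directory plus a random UUID; the key never reaches the path.
export function safeTempPath(mediaKey: string, ext: string): { dir: string; file: string } {
  if (!isValidMediaKey(mediaKey)) throw new Error("rejected media key");
  if (!EXT_RE.test(ext)) throw new Error("rejected extension");
  const dir = mkdtempSync(path.join(os.tmpdir(), "feishu-media-"));
  return { dir, file: path.join(dir, `${randomUUID()}${ext}`) };
}

// Remove the per-download directory after use; refuse anything outside tmpdir.
export function cleanupTempDir(dir: string): void {
  if (!isWithin(os.tmpdir(), dir)) throw new Error("refusing to remove path outside tmpdir");
  rmSync(dir, { recursive: true, force: true });
}
```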

Meta Information
CVE Publication Date:
2026-03-18
CVE Last Modified Date:
2026-03-19
Report Generation Date:
2026-03-19
AI Powered Q&A Generation:
2026-03-18
EPSS Last Evaluated Date:
2026-03-18