CVE-2026-22176
Command Injection in OpenClaw Scheduled Task Script Generation
Publication date: 2026-03-19
Last updated on: 2026-03-19
Assigner: VulnCheck
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openclaw | openclaw | < 2026.2.19 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-22176 is a command injection vulnerability in OpenClaw versions prior to 2026.2.19 that affects the generation of Windows Scheduled Task scripts.
The issue occurs because environment variables are written into a batch script (gateway.cmd) as unquoted assignments of the form `set KEY=VALUE`. Windows shell metacharacters such as &, |, ^, %, or ! in an environment variable value can therefore break out of the intended assignment and be interpreted by cmd.exe.
As a result, an attacker who can influence environment variable values containing these metacharacters can inject and execute arbitrary commands when the scheduled task script is generated and executed.
The vulnerability arises during the installation or reinstallation of the gateway service on Windows, where the batch script is registered and run via Windows Scheduled Tasks (schtasks).
The vulnerability is classified as CWE-78 (Improper Neutralization of Special Elements used in an OS Command) and has moderate severity.
How can this vulnerability impact me?
This vulnerability can allow an attacker with the ability to influence environment variable values to execute arbitrary commands on the affected system with the privileges of the scheduled task.
Such command execution can lead to unauthorized actions, potentially compromising system integrity or availability.
The risk is higher in environments where environment variables come from less-trusted sources such as shared configuration templates, automation workflows, or repositories.
In single-user or personally controlled machines, the practical risk is generally low.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by inspecting the Windows Scheduled Task script (gateway.cmd) generated by OpenClaw for unquoted environment variable assignments whose values contain shell metacharacters such as &, |, ^, %, or !.
Specifically, look for lines in gateway.cmd of the form `set KEY=VALUE` with no double quotes around the assignment; a fixed script uses the quoted form `set "KEY=VALUE"` instead.
You can check the scheduled task commands using Windows command line tools like schtasks to query the task and inspect the script it runs.
- Use PowerShell or Command Prompt to locate and examine the gateway.cmd script for unquoted set commands with suspicious environment variable values.
- Run `schtasks /Query /TN <task_name> /XML` to export the scheduled task definition and review the command or script it executes.
- Search for environment variables containing metacharacters by inspecting the environment or configuration files that influence the scheduled task.
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade OpenClaw to version 2026.2.19 or later, where the vulnerability is fixed by quoting environment variable assignments and escaping special characters in the scheduled task script.

If upgrading is not immediately possible, manually inspect and modify the gateway.cmd script to ensure environment variable assignments are quoted in the form `set "KEY=VALUE"` with proper escaping of metacharacters.

Avoid using environment variable values that contain shell metacharacters such as &, |, ^, %, or ! in configurations that influence the scheduled task script.

Review and restrict access to configuration sources that provide environment variables to prevent injection of malicious values.

Consider temporarily disabling or removing the affected scheduled task until the fix can be applied. [1, 2]
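As an added illustration of the detection and mitigation points above (example code written for this page, not OpenClaw's own generator or fix): a Python emitter for gateway.cmd-style assignments in the vulnerable unquoted form and in the quoted, escaped form, plus a scanner that flags the unquoted pattern. The variable names and values in `SAMPLE_ENV` are constructed samples, not taken from the advisory.

```python
import re

# cmd.exe metacharacters that can end or alter an unquoted `set KEY=VALUE`
CMD_METACHARS = set("&|^%!<>")
# Matches `set KEY=VALUE` where the assignment is not wrapped in double quotes
UNQUOTED_SET_RE = re.compile(r'^\s*set\s+(?!")([A-Za-z_]\w*)=(.*)$', re.IGNORECASE)
# Constructed sample values: ordinary strings that happen to contain metacharacters
SAMPLE_ENV = {"OPENCLAW_TEAM": "Sales & Marketing", "OPENCLAW_QUOTA": "100%"}


def vulnerable_set_line(key, value):
    """Pre-2026.2.19 pattern described in the advisory: unquoted, unescaped."""
    return f"set {key}={value}"


def hardened_set_line(key, value):
    """Quoted form `set "KEY=VALUE"`: & | < > ^ stay literal inside the quotes.
    `%` is doubled because batch files expand %VAR% even inside quotes; `!` is
    literal as long as the script never enables delayed expansion. Values that
    cannot be embedded safely (quotes, newlines) are rejected, not emitted."""
    if not re.fullmatch(r"[A-Za-z_]\w*", key):
        raise ValueError(f"unsafe environment variable name: {key!r}")
    if any(c in value for c in '"\r\n'):
        raise ValueError(f"value of {key} contains a quote or newline")
    return f'set "{key}={value.replace("%", "%%")}"'


def generate_script(env, hardened=True):
    """Render the set lines of a gateway.cmd-style script (CRLF line endings)."""
    emit = hardened_set_line if hardened else vulnerable_set_line
    return "\r\n".join(["@echo off"] + [emit(k, v) for k, v in env.items()]) + "\r\n"


def find_unquoted_assignments(script_text):
    """Detection: (line_no, key, value) for every unquoted set line whose value
    holds a cmd metacharacter, i.e. the lines the advisory says to look for."""
    findings = []
    for n, line in enumerate(script_text.splitlines(), 1):
        m = UNQUOTED_SET_RE.match(line)
        if m and CMD_METACHARS & set(m.group(2)):
            findings.append((n, m.group(1), m.group(2)))
    return findings


if __name__ == "__main__":
    for f in find_unquoted_assignments(generate_script(SAMPLE_ENV, hardened=False)):
        print("unquoted set with metacharacters at line %d: %s=%s" % f)
    print(generate_script(SAMPLE_ENV), end="")
```

Point `find_unquoted_assignments` at the contents of an existing gateway.cmd to get the list of lines that need the quoted form.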