CVE-2026-32912
Current Directory Injection in OpenClaw Windows Wrapper Enables Command Execution
Publication date: 2026-03-23
Last updated on: 2026-03-23
Assigner: VulnCheck
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openclaw | openclaw | up to 2026.3.1 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-426 | The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know
Can you explain this vulnerability to me?
OpenClaw versions 2026.2.26 before 2026.3.1 have a vulnerability related to how Windows wrapper resolution handles .cmd and .bat files. Specifically, there is a current working directory injection issue that allows attackers to manipulate the directory context used during wrapper resolution. This manipulation can cause the system to fall back to shell execution in an unintended way, leading to a loss of command execution integrity.
How can this vulnerability impact me?
This vulnerability can allow an attacker with limited privileges to manipulate the current working directory and cause unauthorized command execution. This can lead to integrity loss in command execution, potentially allowing the attacker to run malicious commands or scripts, which could compromise the affected system.