Compliance Impact

CVE-2026-41370 allows remote attackers to read arbitrary files outside intended directories by exploiting a path traversal vulnerability in OpenClaw's ACP dispatch component. This unauthorized file access can lead to exposure of sensitive or confidential data.

Such unauthorized data exposure can negatively impact compliance with data protection regulations and standards like GDPR and HIPAA, which require strict controls over access to personal and sensitive information.

By allowing attackers to bypass directory restrictions and read arbitrary files, the vulnerability increases the risk of data breaches, potentially resulting in regulatory violations, legal consequences, and reputational damage.

Mitigating this vulnerability by upgrading to OpenClaw version 2026.3.31 or later is essential to maintain compliance and protect sensitive data from unauthorized access.

Useful 0 Not Useful 0

Executive Summary

CVE-2026-41370 is a path traversal vulnerability in the OpenClaw software versions before 2026.3.31. It occurs in the ACP dispatch component, where inbound channel attachment paths are not properly restricted. Attackers can manipulate these attachment paths using special elements like "../" to escape the intended directories, such as the attachment-cache or root directories, allowing them to read arbitrary files outside the allowed locations.

This vulnerability is classified under CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) and was fixed by enforcing strict validation and normalization of attachment paths, ensuring they remain within explicitly allowed directories.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability allows remote attackers with partial privileges to read arbitrary files on the system running OpenClaw by bypassing directory restrictions. The impact is primarily on confidentiality, as sensitive files outside the intended directories can be accessed without authorization.

Because the attack vector is network-based and requires low attack complexity with no user interaction, it poses a significant risk of unauthorized data disclosure.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability involves path traversal via inbound channel attachment paths in the ACP dispatch component of OpenClaw. Detection involves monitoring for suspicious attachment paths containing traversal elements like "../" that attempt to access files outside the intended directories.

You can detect attempts to exploit this vulnerability by inspecting logs for verbose messages indicating skipped attachments due to path validation failures, as the patched version logs such events.

While no explicit detection commands are provided, you can use commands to search for suspicious file access patterns or path traversal attempts in logs or network traffic, for example:

• Use grep to find suspicious attachment paths in logs: grep -r '\.\./' /path/to/openclaw/logs
• Monitor network traffic for inbound requests containing path traversal sequences using tools like tcpdump or Wireshark with filters for "../" patterns.
• Check the version of OpenClaw installed to determine if it is vulnerable: npm list openclaw or check package.json for version prior to 2026.3.31.

Useful 0 Not Useful 0

Mitigation Strategies

The primary mitigation step is to upgrade OpenClaw to version 2026.3.31 or later, where the vulnerability has been fixed by enforcing strict validation and restriction of attachment paths to allowed inbound root directories.

The fix includes normalization and validation of attachment paths, rejecting those outside allowed directories, and secure file reading mechanisms to prevent symbolic link attacks and oversized files.

Until the upgrade can be applied, consider monitoring and blocking inbound requests with suspicious attachment paths containing traversal sequences, and restrict privileges of the OpenClaw process to limit file system access.

Useful 0 Not Useful 0