CVE-2026-43567
Undergoing Analysis Undergoing Analysis - In Progress
Path Traversal in OpenClaw Screen Recording Tool

Publication date: 2026-05-05

Last updated on: 2026-05-07

Assigner: VulnCheck

Description
OpenClaw before 2026.4.10 contains a path traversal vulnerability in the screen_record tool's outPath parameter that bypasses workspace-only filesystem guards. Attackers can exploit this by specifying an outPath outside the workspace boundary to write files to unintended locations on the system.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-05
Last Modified
2026-05-07
Generated
2026-06-16
AI Q&A
2026-05-05
EPSS Evaluated
2026-06-15
NVD
CVE-2026-43567
EUVD
EUVD-2026-27285
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw to 2026.4.10 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The vulnerability allows attackers to write files outside the intended workspace boundary by bypassing filesystem guards. This unauthorized file write capability could potentially lead to unauthorized data access or modification.

Such unauthorized access or modification of files may impact compliance with standards and regulations like GDPR or HIPAA, which require strict controls over data access and integrity to protect sensitive information.

However, the provided information does not explicitly describe the direct impact of this vulnerability on compliance with these regulations.

Executive Summary

CVE-2026-43567 is a path traversal vulnerability in the OpenClaw software versions before 2026.4.10. It specifically affects the screen_record tool's outPath parameter, which is supposed to restrict file writing to within a designated workspace directory.

Due to this vulnerability, attackers can bypass the workspace-only filesystem guards by specifying an outPath outside the workspace boundary, allowing them to write files to unintended locations on the system.

Impact Analysis

This vulnerability can allow an attacker with authorized access to write files outside the intended workspace directory, potentially leading to unauthorized file creation or modification on the system.

Such unauthorized file writes could be used to place malicious files, overwrite important system files, or otherwise compromise the integrity and security of the affected system.

Mitigation Strategies

To mitigate the CVE-2026-43567 vulnerability, you should upgrade OpenClaw to version 2026.4.10 or later, as these versions include the fix that properly guards the screen_record tool's outPath parameter against path traversal attacks.

The fix ensures that the outPath parameter is validated to remain within the workspace boundaries, preventing unauthorized file writes outside the workspace.

Ensure that your system is running a patched version such as 2026.4.10 or newer (including the latest npm release 2026.4.14) to protect against this vulnerability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-43567. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart