CVE-2026-43570
Undergoing Analysis - In Progress
Symlink Traversal in OpenClaw Remote Marketplace

Publication date: 2026-05-05

Last updated on: 2026-05-05

Assigner: VulnCheck

Description
OpenClaw versions from 2026.3.22 before 2026.4.5 contain a symlink traversal vulnerability in remote marketplace repository path handling that allows attackers to escape the expected repository root. Paths inside a marketplace repository are used without checking that a symbolic link among them resolves to a location under that root, so an attacker who can supply crafted symlink paths in a repository can make OpenClaw access files outside the intended repository directory.
Meta Information
Published: 2026-05-05
Last Modified: 2026-05-05
Generated: 2026-05-07
AI Q&A: 2026-05-05
EPSS Evaluated: 2026-05-05
Affected Vendors & Products (2 associated CPEs)
Vendor     Product    Version / Range
openclaw   openclaw   up to 2026.4.5 (excluding)
openclaw   openclaw   from 2026.4.5 (including)
CWE
CWE ID   Description
CWE-61   The product, when opening a file or directory, does not sufficiently account for when the file is a symbolic link that resolves to a target outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files.
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The provided context and resources do not explicitly discuss the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.


Can you explain this vulnerability to me?

The vulnerability in OpenClaw versions 2026.3.22 before 2026.4.5 is a symlink traversal issue in the remote marketplace repository path handling.

Attackers can exploit this by crafting malicious symbolic link (symlink) paths that allow them to escape the expected repository root directory.

This means attackers can access files outside the intended repository directory by manipulating the paths used to fetch plugins or resources from remote marketplaces.


How can this vulnerability impact me?

This vulnerability can allow attackers to access files outside the intended repository directory, potentially exposing sensitive or restricted data.

By escaping the repository root, attackers might read or manipulate files that should be protected, which could lead to unauthorized information disclosure or compromise of system integrity.

The vulnerability has a moderate severity rating with a CVSS score around 6, indicating a significant but not critical risk.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability involves symlink traversal in remote marketplace repository path handling, allowing crafted symlink paths to escape the intended repository root.

To detect this vulnerability on your system, you can check for the presence of OpenClaw versions from 2026.3.22 up to, but not including, 2026.4.5, which are affected.

You can also inspect the marketplace plugin directories for suspicious symlinks that point outside the expected repository root.

Suggested commands to help detect potential exploitation or presence of malicious symlinks include:

  • Find symlinks in the marketplace directory that point outside the repository root (replace /path/to/marketplace):

      find /path/to/marketplace -type l -exec sh -c '
        root=$(readlink -f "$1"); link=$2   # root and link arrive as arguments, so odd file names are never spliced into the script
        target=$(readlink -f "$link") || { echo "Dangling symlink (target not resolvable): $link"; exit 0; }
        case "$target" in "$root"|"$root"/*) ;; *) echo "Suspicious symlink: $link -> $target" ;; esac
      ' sh /path/to/marketplace {} \;

  • Check the OpenClaw version installed:

      openclaw --version

  • Review logs or error messages related to marketplace plugin installation or listing for indications of path validation failures or symlink traversal attempts.

What immediate steps should I take to mitigate this vulnerability?

The primary mitigation step is to upgrade OpenClaw to version 2026.4.5 or later, where the vulnerability has been fixed.

The fix involves canonicalizing remote plugin paths and enforcing that paths do not escape the marketplace root directory.

Additional immediate steps include:

  • Audit and remove any suspicious symlinks in the marketplace repository directories that could allow traversal outside the intended root.
  • Apply patches or updates from the official OpenClaw repository that address this issue, such as those referenced in commits b1dd3ded3589f6fa60ab85b3930a82d538edaeae and 94b0062e90467e1582b47cc971f308457c537f3a.
  • Monitor plugin installation and listing processes for errors related to invalid or escaping paths.
