CVE-2026-53856
Analyzed Analyzed - Analysis Complete

Insecure File Permissions in OpenClaw Config Recovery Allow Local Information Disclosure

Vulnerability report for CVE-2026-53856, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-16

Last updated on: 2026-06-18

Assigner: VulnCheck

Description

OpenClaw before 2026.4.24 contains an insecure file permissions vulnerability in config recovery that restores OpenClaw.json with overly broad permissions. Local attackers on shared hosts can read sensitive configuration data by exploiting the recovery path to access the restored config file.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-16
Last Modified
2026-06-18
Generated
2026-07-07
AI Q&A
2026-06-16
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw 2026.4.23

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-732 The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability affects OpenClaw versions before 2026.4.24 and involves insecure file permissions in the configuration recovery feature.

When OpenClaw recovers its configuration file (OpenClaw.json), it restores it with overly broad permissions, making the file more accessible than intended.

Local attackers on shared hosting systems can exploit this by accessing the restored config file through the recovery path, potentially reading sensitive configuration data.

Compliance Impact

The vulnerability allows local attackers on shared hosts to read sensitive configuration data due to overly broad file permissions on the restored OpenClaw.json configuration file.

Exposure of sensitive configuration data could potentially lead to non-compliance with data protection standards such as GDPR or HIPAA, which require appropriate safeguards to protect sensitive information from unauthorized access.

However, the provided information does not explicitly state the direct impact on compliance with these regulations.

Impact Analysis

This vulnerability can lead to unauthorized local users on the same host reading sensitive configuration data from the OpenClaw.json file.

Since the recovered config file has overly permissive access rights, attackers can exploit this to gain insights into configuration details that should be protected.

This exposure could compromise the security of the system by revealing sensitive information that might be used for further attacks or unauthorized access.

Detection Guidance

This vulnerability can be detected by checking the file permissions of the restored OpenClaw.json configuration file after a config recovery operation. Since the issue involves overly broad permissions, you should verify if the file is accessible by unauthorized local users.

  • Use commands like `ls -l /path/to/OpenClaw.json` to inspect the file permissions and ownership.
  • Look for permissions that allow read access to users other than the intended owner or group, for example permissions like 644 or more permissive.
  • On Linux systems, you can use `stat /path/to/OpenClaw.json` to get detailed permission and ownership information.
Mitigation Strategies

Immediate mitigation steps include verifying and correcting the file permissions of the OpenClaw.json file after recovery to ensure it is not overly accessible.

  • Check and restrict the permissions of OpenClaw.json to limit access only to the necessary users, for example setting permissions to 600 or 640.
  • Avoid sharing the OpenClaw Gateway between mutually untrusted users on the same host.
  • Keep channel and tool allowlists narrow to reduce exposure.
  • Disable the config recovery feature if it is not needed until you can upgrade to the patched version 2026.4.24 or later.
  • Upgrade OpenClaw to version 2026.4.24 or later where this vulnerability is fixed.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-53856. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart