CVE-2026-53856
Status: Received - Intake
Insecure File Permissions in OpenClaw Config Recovery Allow Local Information Disclosure

Publication date: 2026-06-16

Last updated on: 2026-06-16

Assigner: VulnCheck

Description
OpenClaw before 2026.4.24 contains an insecure file permissions vulnerability in config recovery that restores OpenClaw.json with overly broad permissions. Local attackers on shared hosts can read sensitive configuration data by exploiting the recovery path to access the restored config file.
Meta Information
Generated: 2026-06-16
AI Q&A: 2026-06-16
EPSS Evaluated: N/A
Affected Vendors & Products
Showing 1 associated CPE
Vendor: openclaw
Product: openclaw
Version / Range: up to 2026.4.24 (excluding)
CWE
CWE-732: The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
Executive Summary

This vulnerability affects OpenClaw versions before 2026.4.24 and involves insecure file permissions in the configuration recovery feature.

When OpenClaw recovers its configuration file (OpenClaw.json), it restores it with overly broad permissions, making the file more accessible than intended.

Local attackers on shared hosting systems can exploit this by accessing the restored config file through the recovery path, potentially reading sensitive configuration data.

Impact Analysis

This vulnerability can lead to unauthorized local users on the same host reading sensitive configuration data from the OpenClaw.json file.

Since the recovered config file has overly permissive access rights, attackers can exploit this to read configuration details that should be protected.

This exposure could compromise the security of the system by revealing sensitive information that might be used for further attacks or unauthorized access.

Detection Guidance

This vulnerability can be detected by checking the file permissions of the restored OpenClaw.json configuration file after a config recovery operation. Since the issue involves overly broad permissions, you should verify whether the file is readable by unauthorized local users.

  • Use commands like `ls -l /path/to/OpenClaw.json` to inspect the file permissions and ownership.
  • Look for permission bits that grant read access to users other than the intended owner (or group), for example mode 644 or anything more permissive.
  • On Linux systems, you can use `stat /path/to/OpenClaw.json` to get detailed permission and ownership information.
Mitigation Strategies

Immediate mitigation steps include verifying and correcting the file permissions of the OpenClaw.json file after recovery to ensure it is not overly accessible.

  • Check and restrict the permissions of OpenClaw.json to limit access only to the necessary users, for example setting permissions to 600 or 640.
  • Avoid sharing the OpenClaw Gateway between mutually untrusted users on the same host.
  • Keep channel and tool allowlists narrow to reduce exposure.
  • Disable the config recovery feature if it is not needed until you can upgrade to the patched version 2026.4.24 or later.
  • Upgrade OpenClaw to version 2026.4.24 or later where this vulnerability is fixed.
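The detection and mitigation steps above (inspect the mode with `stat`, flag group/other read access, restrict to 600) as one bash script. This is an added example, not part of the advisory or of OpenClaw itself: the default config path under `$HOME/.openclaw/` is an assumption, and the default mask `044` flags any group or other read bit, so pass `004` to tolerate the group-readable 640 mode the advisory also allows.

```shell
#!/usr/bin/env bash
# Added example, not OpenClaw project code: audit a restored OpenClaw.json for the
# over-broad permissions described in CVE-2026-53856 and tighten it to owner-only.
# The default path below is an assumption; set OPENCLAW_CONFIG to your install's path.

# Print a file's permission bits in octal (e.g. 644); GNU stat first, BSD stat fallback.
config_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null
}

# Return 0 when none of the bits in MASK is set on PATH, 1 when at least one is
# (too permissive), 2 when PATH is missing. MASK defaults to 044 (group-read and
# other-read); pass 004 to accept a group-readable 640 file.
config_is_private() {
    local path="$1" mask="${2:-044}" mode
    [ -f "$path" ] || return 2
    mode=$(config_mode "$path") || return 2
    [ -n "$mode" ] || return 2
    # leading 0 makes the shell parse both values as octal
    if [ $(( 0$mode & 0$mask )) -ne 0 ]; then
        return 1
    fi
    return 0
}

# Restrict PATH to owner read/write (mode 600) and re-check it.
config_tighten() {
    local path="$1"
    chmod 600 "$path" || return 1
    config_is_private "$path" 044
}

# Print a one-line verdict; always returns 0 so it is safe under set -e.
audit_config() {
    local path="$1" mask="${2:-044}" rc=0
    config_is_private "$path" "$mask" || rc=$?
    case "$rc" in
        0) printf '%s: mode %s, not readable beyond the owner\n' \
               "$path" "$(config_mode "$path")" ;;
        1) printf 'WARNING %s: mode %s is readable by group/other; run config_tighten\n' \
               "$path" "$(config_mode "$path")" ;;
        *) printf '%s: not found\n' "$path" ;;
    esac
    return 0
}

# Assumed location; override with OPENCLAW_CONFIG=/path/to/OpenClaw.json
audit_config "${OPENCLAW_CONFIG:-$HOME/.openclaw/OpenClaw.json}"
```

Run the audit right after any config recovery and again after `config_tighten`; a second audit reporting mode 600 confirms the restored file is no longer readable by other local users.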