GHSA-64QX-VPXX-MVQF

Vulnerability from github – Published: 2026-02-17 16:43 – Updated: 2026-03-06 01:00
Summary
OpenClaw has an arbitrary transcript path file write via gateway sessionFile
Details

Summary

In OpenClaw versions prior to 2026.2.12, the gateway accepted an untrusted sessionFile path when resolving the session transcript file. This could allow an authenticated gateway client to create and append OpenClaw session transcript records at an arbitrary path on the gateway host.

Affected Versions

  • Affected: openclaw < 2026.2.12
  • Patched: openclaw >= 2026.2.12 (recommended: >= 2026.2.13)

Impact

An authenticated gateway client could influence where the gateway writes transcript data by supplying sessionFile outside of the sessions directory. Depending on deployment and filesystem permissions, this may enable arbitrary file creation and repeated appends, leading to configuration corruption and/or denial of service.

This issue does not, by itself, provide a proven remote code execution path.

Fix

The transcript path is now constrained to the sessions directory via resolveSessionFilePath(...) containment checks.

Fix commits:

  • 4199f9889f0c307b77096a229b9e085b8d856c26
  • (compat) 25950bcbb8ba4d8cde002557f6e27c219ae4deda

Credits

Thanks to @tubadeligoz for the report.


{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "openclaw"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2026.2.12"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-28459"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-23",
      "CWE-284",
      "CWE-73",
      "CWE-78"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-17T16:43:51Z",
    "nvd_published_at": "2026-03-05T22:16:18Z",
    "severity": "HIGH"
  },
  "details": "## Summary\n\nIn OpenClaw versions prior to 2026.2.12, the gateway accepted an untrusted `sessionFile` path when resolving the session transcript file. This could allow an authenticated gateway client to create and append OpenClaw session transcript records at an arbitrary path on the gateway host.\n\n## Affected Versions\n\n- Affected: openclaw `\u003c 2026.2.12`\n- Patched: openclaw `\u003e= 2026.2.12` (recommended: `\u003e= 2026.2.13`)\n\n## Impact\n\nAn authenticated gateway client could influence where the gateway writes transcript data by supplying `sessionFile` outside of the sessions directory. Depending on deployment and filesystem permissions, this may enable arbitrary file creation and repeated appends, leading to configuration corruption and/or denial of service.\n\nThis issue does not, by itself, provide a proven remote code execution path.\n\n## Fix\n\nThe transcript path is now constrained to the sessions directory via `resolveSessionFilePath(...)` containment checks.\n\nFix commits:\n- 4199f9889f0c307b77096a229b9e085b8d856c26\n- (compat) 25950bcbb8ba4d8cde002557f6e27c219ae4deda\n\n## Credits\n\nThanks to @tubadeligoz for the report.",
  "id": "GHSA-64qx-vpxx-mvqf",
  "modified": "2026-03-06T01:00:19Z",
  "published": "2026-02-17T16:43:51Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-64qx-vpxx-mvqf"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28459"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/25950bcbb8ba4d8cde002557f6e27c219ae4deda"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/4199f9889f0c307b77096a229b9e085b8d856c26"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openclaw/openclaw"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.12"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/openclaw-arbitrary-file-write-via-untrusted-sessionfile-path"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "OpenClaw has an arbitrary transcript path file write via gateway sessionFile"
}