OpenClaw versions prior to 2026.2.19 contain a command injection vulnerability in Windows Scheduled Task script generation where environment variables are written to gateway.cmd using unquoted set KEY=VALUE assignments, allowing shell metacharacters to break out of assignment context. Attackers can inject arbitrary commands through environment variable values containing metacharacters like &, |, ^, %, or ! to achieve command execution when the scheduled task script is generated and executed.
Attack Parameters
Attack Vector
Local
Requires local access
Attack Complexity
Low
Easy to exploit
Attack Requirements
None
No additional conditions
Privileges Required
Low
Basic privileges needed
User Interaction
None
No user interaction needed
Impact Assessment
Confidentiality
None
No data leak
Integrity
High
Complete data modification
Availability
Low
Partial disruption
CVSS Vector v4.0
Weakness Type (CWE)
Vulnerable Products 1
| Configuration | From (including) | Up to (excluding) |
|---|---|---|
|
Openclaw Openclaw
cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*
|
— |
2026.2.19
|
References 3
https://github.com/openclaw/openclaw/commit/dafe52e8cf1a041d898cfb304a485fa05e5…
disclosure@vulncheck.com
https://github.com/openclaw/openclaw/security/advisories/GHSA-pj5x-38rw-6fph
disclosure@vulncheck.com
https://www.vulncheck.com/advisories/openclaw-command-injection-via-unescaped-e…
disclosure@vulncheck.com