CVE-2026-25157 OpenClaw — Exploit & Vulnerability Details HIGH

Parameter	Value
CVSS	7.7 (HIGH)
Fixed In	2026.1.29
Type	CWE-78 (OS Command Injection)
Vendor	OpenClaw
Public PoC	No

OpenClaw is a personal AI assistant. Prior to version 2026.1.29, there is an OS command injection vulnerability via the Project Root Path in sshNodeCommand. The sshNodeCommand function constructed a shell script without properly escaping the user-supplied project path in an error message.

When the cd command failed, the unescaped path was interpolated directly into an echo statement, allowing arbitrary command execution on the remote SSH host. The parseSSHTarget function did not validate that SSH target strings could not begin with a dash. An attacker-supplied target like -oProxyCommand=... would be interpreted as an SSH configuration flag rather than a hostname, allowing arbitrary command execution on the local machine.

This issue has been patched in version 2026.1.29.

Attack Parameters

Attack Vector

Local

Requires local access

Attack Complexity

High

Difficult to exploit

Privileges Required

None

No privileges needed

User Interaction

Required

User action required

Impact Assessment

Confidentiality

High

Complete data leak

Integrity

High

Complete data modification

Availability

High

Complete denial of service

CVSS Vector v3.1

Weakness Type (CWE)

CWE-78 OS Command Injection

References 1

https://github.com/openclaw/openclaw/security/advisories/GHSA-q284-4pvr-m585

security-advisories@github.com

Menu

CVE-2026-25157

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

CVE Details

Editor's Choice

Menu

CVE-2026-25157

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

CVE Details

Editor's Choice

Stay informed on cybersecurity