OS Command Injection in OpenClaw - CVE-2026-32917

 

OS Command Injection in OpenClaw - CVE-2026-32917

Published: April 8, 2026


Vulnerability identifier: #VU125168
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2026-32917
CWE-ID: CWE-78
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: OpenClaw
Affected software:
OpenClaw

Detailed vulnerability description

The vulnerability allows a remote attacker to execute arbitrary commands on the configured remote host.

The vulnerability exists due to command injection in src/auto-reply/reply/stage-sandbox-media.ts when staging iMessage attachments over SCP using a sender-controlled remote attachment path. A remote attacker can send a specially crafted iMessage attachment filename containing shell metacharacters to execute arbitrary commands on the configured remote host.

Exploitation requires remote attachment staging to be enabled and ctx.MediaRemoteHost to be set.


How to mitigate CVE-2026-32917

Install security update from vendor's website.

Sources