External Control of File Name or Path in OpenClaw - CVE-2026-28459
Published: May 4, 2026
OpenClaw
Detailed vulnerability description
The vulnerability allows a remote user to create or append files at an arbitrary path on the gateway host, leading to configuration corruption and cause a denial of service.
The vulnerability exists due to external control of file name or path in the gateway session transcript file handling when resolving the untrusted sessionFile path. A remote user can supply a crafted sessionFile path to create or append files at an arbitrary path on the gateway host, leading to configuration corruption and cause a denial of service.
Exploitation depends on deployment and filesystem permissions.