CVE-2026-24763

8.8 HIGH

📋 TL;DR

OpenClaw (formerly Clawdbot) versions prior to 2026.1.29 contain a command injection vulnerability in the Docker sandbox execution mechanism. Authenticated users who can control environment variables can execute arbitrary commands within the container context. This affects all users running vulnerable versions of OpenClaw.

💻 Affected Systems

Products:
  • OpenClaw (formerly Clawdbot)
Versions: All versions prior to 2026.1.29
Operating Systems: All platforms running Docker
Default Config Vulnerable: ⚠️ Yes
Notes: Requires Docker container execution and authenticated user access

⚠️ Risk & Real-World Impact

🔴 Worst Case: Full container compromise leading to host escape, data exfiltration, or lateral movement within the environment

🟠 Likely Case: Unauthorized command execution within the container, potentially accessing sensitive data or disrupting services

🟢 If Mitigated: Limited impact due to container isolation, but still potential for data access within the container

🌐 Internet-Facing: MEDIUM - Requires authenticated access, but internet-facing instances increase attack surface
🏢 Internal Only: HIGH - Internal attackers with authenticated access can exploit this vulnerability

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access and the ability to control environment variables passed into the Docker sandbox.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2026.1.29

Vendor Advisory: https://github.com/openclaw/openclaw/security/advisories/GHSA-mc68-q9jw-2h3v

Restart Required: Yes

Instructions:

1. Stop OpenClaw service
2. Update to version 2026.1.29 or later
3. Restart OpenClaw service
4. Verify the fix is applied

🔧 Temporary Workarounds

Restrict Environment Variable Control

Platform: all

Limit user ability to control environment variables in OpenClaw configuration

Enhanced Container Isolation

Platform: linux

Implement stricter Docker security policies and resource limits (the image name below is a placeholder; substitute your OpenClaw image):

docker run --read-only --security-opt=no-new-privileges <openclaw-image>

🧯 If You Can't Patch

  • Implement strict access controls to limit authenticated user privileges
  • Monitor container activity for unusual command execution patterns

🔍 How to Verify

Check if Vulnerable:

Check OpenClaw version - if earlier than 2026.1.29, system is vulnerable

Check Version:

openclaw --version or check package manager

Verify Fix Applied:

Confirm the installed version is 2026.1.29 or later and that the fix commit 771f23d36b95ec2204cc9a0054045f5d8439ea75 is included in your build
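The version check above compares a date-style version (YYYY.M.D) against 2026.1.29, which must be done numerically rather than as a string (otherwise "2026.1.9" sorts after "2026.1.29"). The following POSIX shell helper is an added example, not code from the advisory or the OpenClaw project; it assumes `openclaw --version` prints a line containing the version, possibly with a prefix or suffix.

```shell
#!/bin/sh
# Added example: decide whether an installed OpenClaw version predates the
# fixed release 2026.1.29. Assumes the CLI output contains a YYYY.M.D version,
# possibly wrapped like "openclaw 2026.1.28" or "v2026.1.30-beta".

FIXED_VERSION="2026.1.29"

# Pull the first dotted three-part numeric version out of arbitrary text.
extract_version() {
    printf '%s\n' "$1" | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' | head -n 1
}

# Compare two dotted versions component by component as integers.
# Prints -1, 0 or 1 for a < b, a == b, a > b.
version_cmp() {
    a_maj=${1%%.*}; rest=${1#*.}; a_min=${rest%%.*}; a_pat=${rest#*.}
    b_maj=${2%%.*}; rest=${2#*.}; b_min=${rest%%.*}; b_pat=${rest#*.}
    r=0
    for pair in "$a_maj:$b_maj" "$a_min:$b_min" "$a_pat:$b_pat"; do
        x=${pair%%:*}; y=${pair#*:}
        if [ "$x" -lt "$y" ]; then r=-1; break; fi
        if [ "$x" -gt "$y" ]; then r=1; break; fi
    done
    printf '%s\n' "$r"
}

# Returns 0 (true) when the text describes a vulnerable build, 1 when it is
# fixed, and 2 when no version could be found (treat that as "investigate").
openclaw_vulnerable() {
    v=$(extract_version "$1")
    [ -n "$v" ] || { echo "no version found in: $1" >&2; return 2; }
    [ "$(version_cmp "$v" "$FIXED_VERSION")" -lt 0 ]
}

# Usage on a live host (assumed CLI output format):
#   openclaw_vulnerable "$(openclaw --version 2>/dev/null)" && echo VULNERABLE
```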

📡 Detection & Monitoring

Log Indicators:

  • Unusual command execution in container logs
  • PATH environment variable manipulation attempts

Network Indicators:

  • Unexpected outbound connections from OpenClaw container

SIEM Query:

source="docker" AND (process="sh" OR process="bash") AND parent_process="openclaw"
