CVE-2026-25157

7.7 HIGH

📋 TL;DR

OpenClaw versions before 2026.1.29 contain two command injection vulnerabilities. Attackers can execute arbitrary commands on remote SSH hosts via unescaped project paths or on local machines via malicious SSH target strings. Users running vulnerable OpenClaw versions are affected.

💻 Affected Systems

Products:
  • OpenClaw
Versions: All versions before 2026.1.29
Operating Systems: All platforms running OpenClaw
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerable in default configuration when using SSH functionality.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Full compromise of both local and remote systems, allowing data theft, ransomware deployment, or lateral movement across networks.

🟠 Likely Case: Remote code execution on SSH hosts leading to data exfiltration, credential harvesting, or backdoor installation.

🟢 If Mitigated: Limited impact with proper network segmentation and least-privilege SSH configurations.

🌐 Internet-Facing: HIGH if OpenClaw is exposed to untrusted networks, as unauthenticated exploitation is possible.
🏢 Internal Only: MEDIUM for internal deployments, requiring attacker access to the network but potentially enabling lateral movement.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Simple command injection via user-controlled parameters; exploitation requires minimal technical skill.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2026.1.29

Vendor Advisory: https://github.com/openclaw/openclaw/security/advisories/GHSA-q284-4pvr-m585

Restart Required: Yes

Instructions:

1. Stop the OpenClaw service.
2. Update to version 2026.1.29 via package manager or manual installation.
3. Restart the OpenClaw service.

🔧 Temporary Workarounds

Disable SSH functionality (platform: all)

Temporarily disable OpenClaw's SSH features if not required.

# Edit OpenClaw configuration to remove SSH module references
# Restart OpenClaw after configuration changes

Input validation hardening (platform: all)

Implement strict input validation for project paths and SSH targets.

# Add validation to reject paths containing shell metacharacters
# Reject SSH targets starting with dashes
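
The two checks above, as an added example that is not OpenClaw's own code: a project-path validator that rejects shell metacharacters, an SSH-target validator that rejects dash-prefixed strings (which ssh would parse as options), and a command builder that places the target after `--` and shell-quotes the remote command. It assumes the remote command has the shape `cd <project path> && <command>` and that the local ssh client is OpenSSH, which honours `--`.

```python
import re
import shlex

# Shell metacharacters that must not appear in a project path that gets
# spliced into a remote shell command line (constructed, conservative set).
_SHELL_META = re.compile(r"[;&|`$(){}<>\n\r\x00'\"\\*?\[\]]")

# Conservative SSH target: optional user@, then a hostname or IPv4 literal
# that starts with an alphanumeric character (so it can never be an option).
_SSH_TARGET = re.compile(r"^(?:[A-Za-z0-9._-]+@)?[A-Za-z0-9][A-Za-z0-9.-]*$")


def validate_project_path(path: str) -> bool:
    """True only if the path cannot break out of a remote shell command."""
    return bool(path) and not _SHELL_META.search(path)


def validate_ssh_target(target: str) -> bool:
    """True only if the target is a plain [user@]host and not an ssh option."""
    return not target.startswith("-") and bool(_SSH_TARGET.match(target))


def build_ssh_command(target: str, project_path: str, remote_cmd: list[str]) -> list[str]:
    """Build an argv for ssh that resists both injection paths:
    inputs are validated, the target follows '--' so ssh never treats it as an
    option, and every remote word is quoted with shlex.quote before it reaches
    the remote shell. Returns the argv (use with subprocess.run, shell=False).
    """
    if not validate_ssh_target(target):
        raise ValueError(f"rejected SSH target: {target!r}")
    if not validate_project_path(project_path):
        raise ValueError(f"rejected project path: {project_path!r}")
    remote = "cd " + shlex.quote(project_path) + " && " + " ".join(
        shlex.quote(word) for word in remote_cmd
    )
    return ["ssh", "--", target, remote]
```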

🧯 If You Can't Patch

  • Network segmentation: Isolate OpenClaw instances from critical systems.
  • Least privilege SSH: Configure SSH to use restricted user accounts with minimal permissions.

🔍 How to Verify

Check if Vulnerable:

Check OpenClaw version; if below 2026.1.29, assume vulnerable.

Check Version:

openclaw --version

Verify Fix Applied:

Confirm version is 2026.1.29 or higher and test SSH functionality with malicious inputs.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SSH connections from OpenClaw
  • Error messages containing suspicious shell commands
  • Failed cd commands with unusual paths

Network Indicators:

  • SSH connections to unexpected hosts
  • Outbound connections following OpenClaw SSH operations

SIEM Query:

source="openclaw.log" AND ("cd failed" OR "ssh -oProxyCommand")
