CVE-2026-28447
📋 TL;DR
OpenClaw versions 2026.1.29-beta.1 through 2026.2.1 contain a path traversal vulnerability in plugin installation. Attackers can craft malicious plugin package names with path traversal sequences (like '..') to write files outside the intended extensions directory when users run the 'plugins install' command. This affects all users running vulnerable versions of OpenClaw.
💻 Affected Systems
- OpenClaw
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution by writing malicious files to system directories, potentially leading to full system compromise.
Likely Case
Arbitrary file write to sensitive locations, enabling data theft, privilege escalation, or denial of service.
If Mitigated
Limited to plugin installation directories with proper sandboxing, but still allows unauthorized file writes.
🎯 Exploit Status
Exploitation requires the victim to run 'plugins install' with a malicious package name. Public proof-of-concept exists in advisory references.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2026.2.1 and later
Vendor Advisory: https://github.com/openclaw/openclaw/security/advisories/GHSA-qrq5-wjgg-rvqw
Restart Required: No
Instructions:
1. Update OpenClaw to version 2026.2.1 or later.
2. Run 'openclaw --update' or use your package manager.
3. Verify the update completed successfully.
🔧 Temporary Workarounds
Disable plugin installation
Temporarily disable the plugin installation feature to prevent exploitation.
openclaw config set plugins.install.enabled false
Restrict plugin sources
Only install plugins from trusted, verified sources.
🧯 If You Can't Patch
- Implement strict access controls on the OpenClaw installation directory to prevent unauthorized file writes.
- Monitor and audit all plugin installation activities for suspicious package names containing path traversal sequences.
🔍 How to Verify
Check if Vulnerable:
Check your OpenClaw version with 'openclaw --version'. If it's between 2026.1.29-beta.1 and 2026.2.1, you are vulnerable.
Check Version:
openclaw --version
Verify Fix Applied:
After updating, run 'openclaw --version' to confirm version is 2026.2.1 or later. Test plugin installation with a safe package.
📡 Detection & Monitoring
Log Indicators:
- Log entries showing plugin installation with package names containing '..' or path traversal sequences
- Unexpected file writes outside the extensions directory
Network Indicators:
- Downloads of plugin packages from untrusted sources
SIEM Query:
source="openclaw.log" AND "plugins install" AND (".." OR "../" OR "/..")
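The two defensive checks this page describes, as an added example written for this page rather than OpenClaw's own code: a containment check that rejects any package name whose normalised install path leaves the extensions directory, and a log scan that flags install entries with a '..' segment or an absolute name. The extensions directory, the log line format and the sample log entries are constructed assumptions.

```python
import re
from pathlib import Path
from typing import List, Tuple

# Assumed install location for plugins (hypothetical path, not OpenClaw's real layout).
EXTENSIONS_DIR = Path("/opt/openclaw/extensions")


def escapes_extensions_dir(package_name: str, base: Path = EXTENSIONS_DIR) -> bool:
    """True if installing `package_name` would write outside `base`.

    Normalising the joined path collapses '..' segments and lets an absolute
    name replace the base entirely, so the check is done on the resolved
    result rather than on the raw string. Writing into `base` itself (name
    '.' or empty) is also rejected: a plugin must land in a strict child."""
    base = base.resolve()
    target = (base / package_name).resolve()
    return base not in target.parents


# Constructed log format: "<timestamp> <level> plugins install package=<name> ..."
INSTALL_LINE = re.compile(r"plugins install .*?package=(?P<name>\S+)")


def suspicious_installs(log_lines: List[str]) -> List[Tuple[int, str]]:
    """Return (line_number, package_name) for install entries worth alerting on.

    Matching on path segments rather than the raw substring '..' avoids
    flagging legitimate names such as 'notes..v2' while still catching
    '..', '../x', '..\\x' and absolute names."""
    hits = []
    for line_no, line in enumerate(log_lines, 1):
        match = INSTALL_LINE.search(line)
        if not match:
            continue
        name = match.group("name")
        segments = re.split(r"[\\/]+", name)
        if name.startswith(("/", "\\")) or ".." in segments:
            hits.append((line_no, name))
    return hits


# Constructed sample log lines for demonstration.
SAMPLE_LOG = [
    "2026-02-02T10:15:03Z INFO plugins install package=weather-pro version=1.4.0",
    "2026-02-02T10:16:41Z INFO plugins install package=../../../tmp/not-a-plugin",
    "2026-02-02T10:17:02Z INFO plugins install package=notes..v2",
    "2026-02-02T10:18:30Z INFO plugins list",
    "2026-02-02T10:19:11Z INFO plugins install package=/tmp/outside",
]

if __name__ == "__main__":
    for line_no, name in suspicious_installs(SAMPLE_LOG):
        print(f"line {line_no}: {name!r} escapes dir: {escapes_extensions_dir(name)}")
```

The SIEM query on this page matches the literal substring '..', so it also fires on names like 'notes..v2'; the segment-wise test above is the stricter form of the same indicator.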