HIGHCVE-2026-28482Published 2026-03-05Modified 2026-03-09CNA VulnCheck

CVE-2026-28482: OpenClaw < 2026.2.12 - Path Traversal via Unsanitized sessionId and sessionFile Parameters

OpenClaw versions prior to 2026.2.12 construct transcript file paths using unsanitized sessionId parameters and sessionFile paths without enforcing directory containment. Authenticated attackers can exploit path traversal sequences like ../../etc/passwd in sessionId or sessionFile parameters to read or write arbitrary files outside the agent sessions directory.

CVSS v4.0: 8.4
Severity: HIGH
Fixed in: 2026.2.12
Affected Products: 1

Fix available

2026.2.12

Patch commits

Patch Commit
Hardening Commit

Affected packages

OpenClaw / OpenClaw
< 2026.2.12 (from 0)

CVSS Vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

References

GitHub Security Advisory (GHSA-5xfq-5mr7-426q)
Patch Commit
Hardening Commit
VulnCheck Advisory: OpenClaw < 2026.2.12 - Path Traversal via Unsanitized sessionId and sessionFile Parameters

Metrics

Fix available