2 matches found
GHSA-JQ4X-98M3-GGQ6 OpenClaw Canvas Path Traversal Information Disclosure Vulnerability
ZDI-CAN-29312: OpenClaw Canvas Path Traversal Information Disclosure Vulnerability -- ABSTRACT ------------------------------------- Trend Micro's Zero Day Initiative has identified a vulnerability affecting the following products: OpenClaw - OpenClaw -- VULNERABILITY DETAILS...
Directory Traversal
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Directory Traversal via the jsonlPath parameter in the a2uipush action, which is passed directly to the file reader without validation. An attacker can access arbitrary files on the serve...