10 matches found
Reliance on IP Address for Authentication
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Reliance on IP Address for Authentication in the authorizeCanvasRequest process. An attacker can gain unauthorized access to canvas endpoints and sensitive interface content by sending HT...
Command Injection
Overview @openclaw/lobster is an Adds the lobster agent tool as an optional plugin tool. Affected versions of this package are vulnerable to Command Injection via the fallback process on Windows systems when certain spawn failures occur and shell: true is used. An attacker can execute arbitrary...
Command Injection
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Command Injection via the gateway.cmd script generation. An attacker can execute arbitrary commands by supplying specially crafted environment variable values containing Windows shell...
Missing Authentication for Critical Function
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the /extension endpoint when the Chrome extension relay feature is enabled. An attacker can gain unauthorized access to extension-relay...
Improper Encoding or Escaping of Output
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output via the script generation process in Windows deployments due to improper handling of command-line arguments in gateway.cmd. An attacker can execute...
Incorrect Authorization
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization incomplete access checks in authenticated DM sessions for owner-only gateway tools. An attacker can perform unauthorized gateway actions by invoking specific tool...
Improper Certificate Validation
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Improper Certificate Validation via channels.imessage.remoteHost. An attacker can execute arbitrary commands or intercept sensitive data by exploiting trust-on-first-use SSH host key...
UNIX Symbolic Link (Symlink) Following
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following via the packageskill.py script. An attacker can cause unintentional disclosure of local files from the packaging machine by including symlinks in a...
Information Exposure
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Information Exposure via the tools.exec.safeBins flow. An attacker can infer the existence of files on the host filesystem by observing differences in command approval or denial outcomes...
Incomplete List of Disallowed Inputs
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs in the tools.exec.safeBins configuration. An attacker can gain unauthorized access to the filesystem by leveraging allowed sort output flags -o or...