3 matches found
PT-2026-48813
Name of the Vulnerable Software and Affected Versions WsgiDAV version 4.3.3 Description An issue exists in the FilesystemProvider. loc to file path function where the application fails to properly validate path boundaries when using a filesystem-backed share. The method uses...
CVE-2026-32036 OpenClaw < 2026.2.26- Authentication Bypass via Encoded Dot-Segment Traversal in /api/channels
OpenClaw gateway plugin versions prior to 2026.2.26 contain a path traversal vulnerability that allows remote attackers to bypass route authentication checks by manipulating /api/channels paths with encoded dot-segment traversal sequences. Attackers can craft alternate paths using encoded travers...
PT-2026-26417
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.26 Description The OpenClaw gateway plugin contains a path traversal issue that allows remote attackers to bypass route authentication checks. This is achieved by manipulating the /api/channels paths with...