Authorization Bypass Through User-Controlled Key
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the system.run process. An attacker can bypass intended allowlist or approval mechanisms by supplying crafted environment variable...