OpenClaw Affected by Unauthenticated Local RCE via WebSocket config.apply

8.4 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

OpenClaw is a personal AI assistant. Prior to 2026.1.20, an unauthenticated local client could use the Gateway WebSocket API to write config via config.apply and set unsafe cliPath values that were later used for command discovery, enabling command injection as the gateway user. This vulnerability is fixed in 2026.1.20.

Basic Information

ID CVE-2026-25593

Source GitHub_M

Published Feb 6, 2026 at 20:56

Affected Product

Vendor openclaw

Product openclaw

Version < 2026.1.20

Affected Versions openclaw openclaw < 2026.1.20

CWE Classification

CWE-78 CWE-306

References

github.com /openclaw/openclaw/security/advisories/GHSA-g55j-c2v4-pjcg

{
    "lastseen": "",
    "description": "OpenClaw is a personal AI assistant. Prior to 2026.1.20, an unauthenticated local client could use the Gateway WebSocket API to write config via config.apply and set unsafe cliPath values that were later used for command discovery, enabling command injection as the gateway user. This vulnerability is fixed in 2026.1.20.",
    "published": "2026-02-06T20:56:02.824Z",
    "modified": "2026-02-06T20:56:02.824Z",
    "type": "cve",
    "title": "OpenClaw Affected by Unauthenticated Local RCE via WebSocket config.apply",
    "source": "GitHub_M",
    "references": "https://github.com/openclaw/openclaw/security/advisories/GHSA-g55j-c2v4-pjcg",
    "id": "CVE-2026-25593",
    "bulletinFamily": "",
    "cwe": [
        "CWE-78",
        "CWE-306"
    ],
    "cvelist": null,
    "sourceData": "openclaw openclaw < 2026.1.20",
    "sourceHref": "",
    "cvss": {
        "score": 8.4,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "openclaw",
    "version": "< 2026.1.20",
    "vendor": "openclaw",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

OpenClaw Affected by Unauthenticated Local RCE via WebSocket config.apply_CVE-2026-25593