CVE-2026-28453

OpenClaw versions prior to 2026.2.14 fail to validate TAR archive entry paths during extraction, allowing path traversal sequences to write files outside the intended directory. Attackers can craft malicious archives with traversal sequences like ../../ to write files outside extraction boundaries, potentially enabling configuration tampering and code execution.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/openclaw/openclaw/commit/3aa94afcfd12104c683c9cad81faf434d0dadf87	Patch
https://github.com/openclaw/openclaw/security/advisories/GHSA-p25h-9q54-ffvw	Vendor Advisory
https://www.vulncheck.com/advisories/openclaw-zip-slip-path-traversal-in-tar-archive-extraction	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*

History

09 Mar 2026, 18:04

Type	Values Removed	Values Added
First Time		Openclaw openclaw Openclaw
CPE		cpe:2.3:a:openclaw:openclaw::::::node.js::*
References	~~() https://github.com/openclaw/openclaw/commit/3aa94afcfd12104c683c9cad81faf434d0dadf87 -~~	() https://github.com/openclaw/openclaw/commit/3aa94afcfd12104c683c9cad81faf434d0dadf87 - Patch
References	~~() https://github.com/openclaw/openclaw/security/advisories/GHSA-p25h-9q54-ffvw -~~	() https://github.com/openclaw/openclaw/security/advisories/GHSA-p25h-9q54-ffvw - Vendor Advisory
References	~~() https://www.vulncheck.com/advisories/openclaw-zip-slip-path-traversal-in-tar-archive-extraction -~~	() https://www.vulncheck.com/advisories/openclaw-zip-slip-path-traversal-in-tar-archive-extraction - Third Party Advisory

09 Mar 2026, 13:36

Type	Values Removed	Values Added
Summary		(es) Las versiones de OpenClaw anteriores a la 2026.2.14 no validan las rutas de entrada de archivos TAR durante la extracción, permitiendo que secuencias de salto de ruta escriban archivos fuera del directorio previsto. Los atacantes pueden crear archivos maliciosos con secuencias de salto de ruta como ../../ para escribir archivos fuera de los límites de extracción, lo que podría permitir la manipulación de la configuración y la ejecución de código.

05 Mar 2026, 22:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-05 22:16

Updated : 2026-03-09 18:04

NVD link : CVE-2026-28453

Mitre link : CVE-2026-28453

CVE.ORG link : CVE-2026-28453

JSON object : View

Products Affected

openclaw

openclaw

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

7.5 /10