CVE-2026-28470

OpenClaw versions prior to 2026.2.2 contain an exec approvals (must be enabled) allowlist bypass vulnerability that allows attackers to execute arbitrary commands by injecting command substitution syntax. Attackers can bypass the allowlist protection by embedding unescaped $() or backticks inside double-quoted strings to execute unauthorized commands.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/openclaw/openclaw/commit/d1ecb46076145deb188abcba8f0699709ea17198	Patch
https://github.com/openclaw/openclaw/security/advisories/GHSA-3hcm-ggvf-rch5	Vendor Advisory
https://www.vulncheck.com/advisories/openclaw-exec-allowlist-bypass-via-command-substitution-in-double-quotes	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*

History

11 Mar 2026, 16:18

Type	Values Removed	Values Added
CPE		cpe:2.3:a:openclaw:openclaw::::::node.js::*
CWE		CWE-78
First Time		Openclaw openclaw Openclaw
References	~~() https://github.com/openclaw/openclaw/commit/d1ecb46076145deb188abcba8f0699709ea17198 -~~	() https://github.com/openclaw/openclaw/commit/d1ecb46076145deb188abcba8f0699709ea17198 - Patch
References	~~() https://github.com/openclaw/openclaw/security/advisories/GHSA-3hcm-ggvf-rch5 -~~	() https://github.com/openclaw/openclaw/security/advisories/GHSA-3hcm-ggvf-rch5 - Vendor Advisory
References	~~() https://www.vulncheck.com/advisories/openclaw-exec-allowlist-bypass-via-command-substitution-in-double-quotes -~~	() https://www.vulncheck.com/advisories/openclaw-exec-allowlist-bypass-via-command-substitution-in-double-quotes - Third Party Advisory

09 Mar 2026, 13:36

Type	Values Removed	Values Added
Summary		(es) Las versiones de OpenClaw anteriores a 2026.2.2 contienen una vulnerabilidad de omisión de la lista de permitidos (allowlist) de las aprobaciones de ejecución (que deben estar habilitadas) que permite a los atacantes ejecutar comandos arbitrarios inyectando sintaxis de sustitución de comandos. Los atacantes pueden omitir la protección de la lista de permitidos (allowlist) incrustando $() o comillas invertidas sin escapar dentro de cadenas entre comillas dobles para ejecutar comandos no autorizados.

05 Mar 2026, 22:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-05 22:16

Updated : 2026-03-11 16:18

NVD link : CVE-2026-28470

Mitre link : CVE-2026-28470

CVE.ORG link : CVE-2026-28470

JSON object : View

Products Affected

openclaw

openclaw

CWE

CWE-88

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

9.8 /10