Critical (9.8)

Windows Vulnerability (CVE-2026-28391)

OpenClaw versions prior to 2026.2.2 fail to properly validate Windows cmd.exe metacharacters in allowlist-gated exec requests, allowing attackers to bypass command approval restrictions. Remote attack...

Affected: Windows

Overview

A critical security vulnerability in OpenClaw allows attackers to bypass its command-approval controls and execute unauthorized commands on affected systems.

Vulnerability Explanation

OpenClaw includes a security feature designed to only permit a specific, safe list of commands (an allowlist). However, in versions before 2026.2.2, the software does not properly check for Windows command shell (cmd.exe) special characters.

In simple terms, an attacker can inject characters like the ampersand (&) or variable syntax (%...%) into a command request. The system checks if the first part of the command is on the safe list and approves it, but these special characters then allow the attacker to “chain” or inject additional, malicious commands that run without approval. It’s like a security guard checking your ID at a gate and letting you in, but not noticing you’re followed by a group of unauthorized people.
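The first-token allowlist check described above, placed beside a hardened check that refuses any request containing a cmd.exe metacharacter, and a small log scanner of the kind the mitigation section's log audit calls for. This is an added example and not OpenClaw's code; the allowlist, the log line format and the `cmd="..."` field are constructed assumptions.

```python
import re

# Constructed allowlist for illustration only; it is not OpenClaw's real configuration.
ALLOWLIST = {"dir", "type", "ipconfig"}

# cmd.exe metacharacters the advisory names (& | % > <), plus the caret escape
# character and line breaks, which cmd.exe also interprets.
CMD_METACHARS = re.compile(r"[&|%<>^\r\n]")

def first_token(cmd: str) -> str:
    parts = cmd.strip().split()
    return parts[0].lower() if parts else ""

def naive_is_allowed(cmd: str) -> bool:
    """Weak gate: only the first token is compared against the allowlist, so
    anything after a metacharacter is never inspected (the flaw described above)."""
    return first_token(cmd) in ALLOWLIST

def hardened_is_allowed(cmd: str) -> bool:
    """Stricter gate: refuse the whole request if any cmd.exe metacharacter is
    present, and only then compare the first token against the allowlist."""
    if CMD_METACHARS.search(cmd):
        return False
    return first_token(cmd) in ALLOWLIST

# Constructed exec-log lines in a hypothetical format; OpenClaw's real log
# layout may differ, so adjust the cmd="..." pattern to match it.
SAMPLE_LOGS = [
    '2026-02-01T10:00:00Z exec user=alice cmd="dir C:\\data"',
    '2026-02-01T10:00:05Z exec user=alice cmd="dir C:\\data & echo injected"',
    '2026-02-01T10:00:09Z exec user=bob cmd="type %TEMP%\\notes.txt"',
    '2026-02-01T10:00:12Z exec user=bob cmd="ipconfig /all"',
]

def flag_suspicious_exec_logs(lines):
    """Return (line_number, command) pairs whose command field contains a
    cmd.exe metacharacter, for the log audit recommended under Mitigations."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = re.search(r'cmd="([^"]*)"', line)
        if match and CMD_METACHARS.search(match.group(1)):
            hits.append((number, match.group(1)))
    return hits

if __name__ == "__main__":
    for cmd in ("dir C:\\data", "dir C:\\data & echo injected", "type %TEMP%\\notes.txt"):
        print(f"{cmd!r}: naive={naive_is_allowed(cmd)} hardened={hardened_is_allowed(cmd)}")
    for number, cmd in flag_suspicious_exec_logs(SAMPLE_LOGS):
        print(f"log line {number} needs review: {cmd!r}")
```

Note that the hardened gate also rejects legitimate `%VAR%` references; if allowlisted commands need environment values, expand them on the server side rather than letting cmd.exe do it.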

Impact

The impact of this vulnerability is severe (CVSS Score: 9.8 - CRITICAL). A remote attacker who can reach the vulnerable OpenClaw interface could:

  • Execute arbitrary commands on the host operating system.
  • Steal, modify, or delete sensitive data.
  • Install malware or other persistent backdoors.
  • Move laterally to other systems on the network.

This could lead to full system compromise, major data breaches, and operational disruption.

Remediation and Mitigation

Immediate action is required to protect your systems.

Primary Remediation:

  • Upgrade: The definitive fix is to upgrade OpenClaw to version 2026.2.2 or later. This version properly sanitizes command input and checks it for shell metacharacters before approval.

Temporary Mitigations (if immediate upgrade is not possible):

  • Network Restriction: Immediately restrict network access to the OpenClaw management interface. Allow connections only from absolutely necessary, trusted administrative IP addresses using firewall rules or network security groups.
  • Review Logs: Audit OpenClaw application and system logs for any unusual or unexpected command execution activity, particularly entries containing shell metacharacters (&, |, %, >, <).
  • Principle of Least Privilege: Ensure the operating system account running the OpenClaw service has the minimum permissions required to function, limiting the potential impact of a successful exploit.

All users and administrators of OpenClaw should prioritize applying the official patch to fully resolve this critical vulnerability.
