CVE-2026-32901

Published: Mar 23, 2026 Last Modified: Mar 23, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 5,4

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: low

User Interaction: active

Confidentiality: N/A

Integrity: N/A

Availability: N/A

MEDIUM 6,7

Source: [email protected]

Attack Vector: local

Attack Complexity: high

Privileges Required: low

User Interaction: required

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: high

Description

AI Translation Available

OpenClaw before 2026.3.2 contains a semantic drift vulnerability in node system.run approval hardening that rewrites wrapper command argv, allowing execution of unintended local scripts. Attackers who can influence wrapper argv and place malicious files in the approved working directory can execute arbitrary scripts by exploiting argv rewriting that changes runtime behavior from approved command text.

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Integrity Availability Other

Potential Impacts:

Execute Unauthorized Code Or Commands Alter Execution Logic Read Application Data Modify Application Data

Applicable Platforms

Languages: Not Language-Specific, PHP

View CWE Details

https://github.com/openclaw/openclaw/commit/dded569626b0d8e…

https://github.com/openclaw/openclaw/commit/dded569626b0d8e7bdab10b5e7528b6caf7…

https://github.com/openclaw/openclaw/security/advisories/GH…

https://github.com/openclaw/openclaw/security/advisories/GHSA-h3rm-6x7g-882f

https://vulncheck.com/advisories/openclaw-mar-arbitrary-loc…

https://vulncheck.com/advisories/openclaw-mar-arbitrary-local-script-execution-…

CVE-2026-32901

Description

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

Common Consequences

Applicable Platforms

Iscriviti alla newsletter