CVE-2026-32973

Published: Mar 29, 2026 Last Modified: Mar 29, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 8,8

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

CRITICAL 9,8

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: high

Description

AI Translation Available

OpenClaw before 2026.3.11 contains an exec allowlist bypass vulnerability where matchesExecAllowlistPattern improperly normalizes patterns with lowercasing and glob matching that overmatches on POSIX paths. Attackers can exploit the ? wildcard matching across path segments to execute commands or paths not intended by operators.

625

Permissive Regular Expression

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Access Control

Potential Impacts:

Bypass Protection Mechanism

Applicable Platforms

Languages: Perl, PHP

View CWE Details

https://github.com/openclaw/openclaw/security/advisories/GH…

https://github.com/openclaw/openclaw/security/advisories/GHSA-f8r2-vg7x-gh8m

https://www.vulncheck.com/advisories/openclaw-exec-allowlis…

https://www.vulncheck.com/advisories/openclaw-exec-allowlist-pattern-overmatch-…

CVE-2026-32973

Description

Permissive Regular Expression

Common Consequences

Applicable Platforms

Iscriviti alla newsletter