This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login.
Q1. What is this vulnerability? (Essence + Consequences)
**Essence**: OpenClaw (before 2026.2.23) has a critical flaw in `tools.exec.safeBins`.
**Consequences**: Attackers can bypass the safety checks, which leads to **unauthorized code execution**. …
**Root Cause**: **CWE-184** (Incomplete List of Disallowed Inputs).
**Flaw**: The validation logic for `safeBins` is insufficient: it relies on an incomplete list of disallowed inputs, so inputs outside that list pass the check and bypass the intended restriction.
Q3. Who is affected? (Versions/Components)
**Affected**: **OpenClaw** by vendor OpenClaw.
**Versions**: All versions **before 2026.2.23**.
**Component**: The `tools.exec` module specifically.
Q4. What can hackers do? (Privileges/Data)
**Privileges**: High impact. The CVSS score indicates **High** Confidentiality, Integrity, and Availability impact.
**Data**: Attackers can execute arbitrary code. …
**Threshold**: **Low**.
**Config**: CVSS `PR:L` (Low Privileges) required; `AV:N` (Network) and `UI:N` (No User Interaction).
**Ease**: `AC:L` (Low Complexity). Easy to exploit if network access exists.
Q6. Is there a public exploit? (PoC/Wild Exploitation)
**Public exploit?**: **No**.
**PoC**: The `pocs` field is empty.
**Wild exploitation**: No reports of in-the-wild exploitation yet. However, the low attack complexity makes it a prime target.
Q7. How to self-check? (Features/Scanning)
**Self-check**: Check your OpenClaw version.
**Scan**: Look for versions **< 2026.2.23**; these fall in the affected range.
**Feature**: Inspect the `tools.exec.safeBins` configuration and ensure strict input validation is in place.