CVE
CVE-2026-25593
OpenClaw vulnerable to Unauthenticated Local RCE via WebSocket config.apply
Summary
An unauthenticated local client could use the Gateway WebSocket API to write config via config.apply and set unsafe cliPath values that were later used for command discovery, enabling command injection as the gateway user.
Impact
A local process on the same machine could execute arbitrary commands as the gateway process user.
Details
config.applyaccepted raw JSON and wrote it to disk after schema validation.cliPathvalues were not constrained to safe executable names/paths.- Command discovery used a shell invocation when resolving executables.
Mitigation
Upgrade to a patched release. If projects cannot upgrade immediately, set gateway.auth and avoid custom cliPath values.
Package Versions Affected
Package Version
patch Availability
No items found.
Automatically patch vulnerabilities without upgrading
Fix Without Upgrading
Detect compatible fix
Apply safe remediation
Fix with a single pull request
CVSS Version
Severity
Base Score
CVSS Version
Score Vector
C
H
U
8.4
-
3.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
C
H
U
0
-
3.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
C
H
U
8.4
-
3.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Related Resources
No items found.
References
https://github.com/openclaw/openclaw/security/advisories/GHSA-g55j-c2v4-pjcg, https://nvd.nist.gov/vuln/detail/CVE-2026-25593, https://github.com/openclaw/openclaw
Basic Information
Ecosystem
