Description

OpenClaw is a personal AI assistant. Prior to version 2026.1.29, there is an OS command injection vulnerability via the Project Root Path in sshNodeCommand. The sshNodeCommand function constructed a shell script without properly escaping the user-supplied project path in an error message. When the cd command failed, the unescaped path was interpolated directly into an echo statement, allowing arbitrary command execution on the remote SSH host. The parseSSHTarget function did not validate that SSH target strings could not begin with a dash. An attacker-supplied target like -oProxyCommand=... would be interpreted as an SSH configuration flag rather than a hostname, allowing arbitrary command execution on the local machine. This issue has been patched in version 2026.1.29.

INFO

Published Date :

2026-02-04T19:55:38.493Z

Last Modified :

2026-02-05T14:32:32.289Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-25157 vulnerability.

Vendors Products
Apple
  • Macos
Openclaw
  • Openclaw
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-25157.

URL Resource
https://github.com/openclaw/openclaw/security/advisories/GHSA-q284-4pvr-m585 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact