GHSA-P25H-9Q54-FFVW

Vulnerability from github – Published: 2026-03-02 22:40 – Updated: 2026-03-06 00:59
Summary
OpenClaw has Zip Slip path traversal in tar archive extraction
Details

Summary

OpenClaw versions before 2026.2.14 did not sufficiently validate TAR archive entry paths during extraction. A crafted archive could use path traversal sequences (for example ../../...) to write files outside the intended destination directory (Zip Slip).

Affected Packages / Versions

  • Package: openclaw (npm)
  • Affected: < 2026.2.14
  • Fixed: >= 2026.2.14

Details

The affected code path is extractArchive() in src/infra/archive.ts. Prior to 2026.2.14, TAR extraction used tar.x({ cwd: destDir }) without rejecting traversal and absolute entry paths.

This extraction is used by installation flows such as:

  • openclaw plugins install …
  • openclaw hooks install …

Impact

If a user installs an untrusted .tar / .tgz archive, an attacker can write files outside the extraction directory (within the permissions of the OpenClaw process). This can lead to configuration tampering and potentially code execution.

Mitigation

Upgrade to openclaw >= 2026.2.14. Avoid installing untrusted plugin/hook archives.

Fix Commit(s)

  • 3aa94afcfd12104c683c9cad81faf434d0dadf87

OpenClaw thanks @xuemian168 for reporting.


{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "openclaw"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2026.2.14"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-28453"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-02T22:40:57Z",
    "nvd_published_at": "2026-03-05T22:16:17Z",
    "severity": "HIGH"
  },
  "details": "## Summary\nOpenClaw versions before 2026.2.14 did not sufficiently validate TAR archive entry paths during extraction. A crafted archive could use path traversal sequences (for example `../../...`) to write files outside the intended destination directory (Zip Slip).\n\n## Affected Packages / Versions\n- Package: `openclaw` (npm)\n- Affected: `\u003c 2026.2.14`\n- Fixed: `\u003e= 2026.2.14`\n\n## Details\nThe affected code path is `extractArchive()` in `src/infra/archive.ts`. Prior to 2026.2.14, TAR extraction used `tar.x({ cwd: destDir })` without rejecting traversal and absolute entry paths.\n\nThis extraction is used by installation flows such as:\n- `openclaw plugins install \u2026`\n- `openclaw hooks install \u2026`\n\n## Impact\nIf a user installs an untrusted `.tar` / `.tgz` archive, an attacker can write files outside the extraction directory (within the permissions of the OpenClaw process). This can lead to configuration tampering and potentially code execution.\n\n## Mitigation\nUpgrade to `openclaw \u003e= 2026.2.14`. Avoid installing untrusted plugin/hook archives.\n\n## Fix Commit(s)\n- `3aa94afcfd12104c683c9cad81faf434d0dadf87`\n\nOpenClaw thanks @xuemian168 for reporting.",
  "id": "GHSA-p25h-9q54-ffvw",
  "modified": "2026-03-06T00:59:34Z",
  "published": "2026-03-02T22:40:57Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-p25h-9q54-ffvw"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28453"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/3aa94afcfd12104c683c9cad81faf434d0dadf87"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openclaw/openclaw"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/openclaw-zip-slip-path-traversal-in-tar-archive-extraction"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "OpenClaw has Zip Slip path traversal in tar archive extraction"
}