VulnCheck·CWE-15·Published 2026-03-03
OpenClaw versions prior to 2026.2.21 fail to filter dangerous process-control environment variables from config env.vars, allowing startup-time code execution. Attackers can inject variables like NODE_OPTIONS or LD_* through configuration to execute arbitrary code in the OpenClaw gateway service runtime context.
### Summary

OpenClaw allowed dangerous process-control environment variables from `env.vars` (for example `NODE_OPTIONS`, `LD_*`, `DYLD_*`) to flow into gateway service runtime environments, enabling startup-time code execution in the OpenClaw process context.

### Details

`collectConfigEnvVars()` accepted unfiltered keys from config and those values were merged into the daemon install environment in `buildGatewayInstallPlan()`. Before the fix, startup-control variables were not blocked in this path.

### Affected Packages / Versions

- Package: `openclaw` (npm)
- Latest published affected version: `2026.2.19-2` (published February 19, 2026)
- Affected range (structured): `<=2026.2.19-2 || =2026.2.19`
- Patched version (pre-set for next release): `>= 2026.2.21`

### Fix Commit(s)

- `2cdbadee1f8fcaa93302d7debbfc529e19868ea4`

### Release Process Note

`patched_versions` is pre-set to the planned next release (`2026.2.21`). Once that npm release is published, this advisory is ready to publish without further content edits.

OpenClaw thanks @tdjackey for reporting.
OpenClaw versions prior to 2026.2.21 do not filter dangerous process-control environment variables from the configuration env.vars, allowing code execution at startup time. Attackers can inject variables such as NODE_OPTIONS or LD_* through the configuration to execute arbitrary code in the runtime context of the OpenClaw gateway service.
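The Details section describes the defect as a missing filter between config-supplied `env.vars` and the environment handed to the gateway service. The following is an added example of what such a filter looks like; it is not OpenClaw's code and does not reproduce the fix commit. The function names (`collectSafeEnvVars`, `buildServiceEnv`) and the blocklist are assumptions modelled on the variables the advisory names (`NODE_OPTIONS`, `LD_*`, `DYLD_*`), and the sample config is constructed for the demonstration.

```javascript
// Added example, not OpenClaw's own code. Drops process-control variables
// from a config-supplied env map before it reaches a service environment.

// Assumed blocklist, derived from the advisory text. Matching is
// case-insensitive because environment names are case-insensitive on
// Windows, so "node_options" must be treated the same as "NODE_OPTIONS".
const BLOCKED_ENV_PATTERNS = [
  /^NODE_OPTIONS$/i, // Node.js startup options
  /^LD_/i,           // ELF dynamic loader controls
  /^DYLD_/i,         // macOS dyld controls
];

// Only plain identifier-shaped keys are accepted; anything else (e.g. a
// key containing "=" or whitespace) is malformed and rejected outright.
const VALID_ENV_KEY = /^[A-Za-z_][A-Za-z0-9_]*$/;

function isBlockedEnvKey(key) {
  return BLOCKED_ENV_PATTERNS.some((re) => re.test(key));
}

// Hypothetical replacement for an unfiltered "collect config env vars" step.
// Returns both the accepted map and the rejected keys so the caller can log
// what was dropped instead of silently discarding it.
function collectSafeEnvVars(configEnvVars) {
  const allowed = {};
  const rejected = [];
  for (const [key, value] of Object.entries(configEnvVars ?? {})) {
    if (!VALID_ENV_KEY.test(key) || typeof value !== 'string' || isBlockedEnvKey(key)) {
      rejected.push(key);
      continue;
    }
    allowed[key] = value;
  }
  return { allowed, rejected };
}

// Merge config values over a base environment, but only after filtering,
// so a blocked key can never be layered onto the child process environment.
function buildServiceEnv(baseEnv, configEnvVars) {
  const { allowed, rejected } = collectSafeEnvVars(configEnvVars);
  return { env: { ...baseEnv, ...allowed }, rejected };
}

// Constructed sample config: two benign entries, two blocked keys, one
// malformed key. Values are placeholders, not real settings.
const sampleConfigEnvVars = {
  OPENCLAW_LOG_LEVEL: 'debug',
  NODE_OPTIONS: 'placeholder-value',
  LD_PRELOAD: 'placeholder-value',
  'BAD=KEY': 'placeholder-value',
  EXTRA_TOOLS_DIR: '/opt/tools/bin',
};

const demoResult = buildServiceEnv({ HOME: '/var/lib/openclaw' }, sampleConfigEnvVars);
console.log('service env:', demoResult.env);
console.log('rejected keys:', demoResult.rejected);
```

A practical detection hook follows from the `rejected` list: any non-empty result at service install or restart time indicates that someone placed a startup-control variable in the configuration, which is worth alerting on even after the filter makes it harmless.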
| CVSS Version | Type | Source | Base Score | Exploitability | Impact | Vector |
|---|---|---|---|---|---|---|
| 3.1 | Primary | NVD | 8.8 | 2.8 | 5.9 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | Primary | cve.org | 6.1 | — | — | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L |
| 3.1 | Secondary | GHSA | 8.8 | — | — | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | Secondary | NVD | 6.1 | 1.8 | 4.2 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L |
| 4.0 | Primary | cve.org | 6.9 | — | — | CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N |
| 4.0 | Secondary | GHSA | 6.9 | — | — | CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N |
| 4.0 | Secondary | NVD | 6.9 | — | — | CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |