Skip to content
CVSS 8.1 · HIGH

CVE-2026-41383

OpenClaw before 2026.4.2 contains an arbitrary directory deletion vulnerability in mirror mode that allows attackers to delete remote directories by influencing remoteWorkspaceDir and remoteAgentWorkspaceDir configuration values. Attackers can manipulate these OpenShell config paths to cause mirror sync operations to delete unintended remote directory contents and replace them with uploaded workspace data.

Ver en NVD

Análisis

OpenClaw is a niche synchronization tool, and this vulnerability allows attackers to delete and replace remote directories by manipulating configuration paths. Given its limited adoption compared to mainstream CI/CD or sync tools, it does not warrant a high-priority alert for the general developer community.

Severidad

Puntaje: 8.1(HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
AV: NETWORK
AC: LOW
PR: LOW
UI: NONE
S: UNCHANGED
C: NONE
I: HIGH
A: HIGH
Tipo de falla (CWE): CWE-22

EPSS

Probabilidad de explotación (próx. 30 días): 0.0005 (0.1%)
Percentil: 15.5%
EPSS: 2026-05-06

Afecta

openclaw:openclaw

Descripción técnica

OpenClaw before 2026.4.2 contains an arbitrary directory deletion vulnerability in mirror mode that allows attackers to delete remote directories by influencing remoteWorkspaceDir and remoteAgentWorkspaceDir configuration values. Attackers can manipulate these OpenShell config paths to cause mirror sync operations to delete unintended remote directory contents and replace them with uploaded workspace data.

Publicada: 28/4/2026, 19:37:41
Última modificación: 1/5/2026, 15:52:02

Referencias

InicioEventosBlogRecursosEquipo