{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T18:28:29.761","vulnerabilities":[{"cve":{"id":"CVE-2026-25157","sourceIdentifier":"security-advisories@github.com","published":"2026-02-04T20:16:06.577","lastModified":"2026-02-13T14:33:31.043","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OpenClaw is a personal AI assistant. Prior to version 2026.1.29, there is an OS command injection vulnerability via the Project Root Path in sshNodeCommand. The sshNodeCommand function constructed a shell script without properly escaping the user-supplied project path in an error message. When the cd command failed, the unescaped path was interpolated directly into an echo statement, allowing arbitrary command execution on the remote SSH host. The parseSSHTarget function did not validate that SSH target strings could not begin with a dash. An attacker-supplied target like -oProxyCommand=... would be interpreted as an SSH configuration flag rather than a hostname, allowing arbitrary command execution on the local machine. This issue has been patched in version 2026.1.29."},{"lang":"es","value":"OpenClaw es un asistente personal de IA. Antes de la versión 2026.1.29, existe una vulnerabilidad de inyección de comandos del sistema operativo a través de la Ruta Raíz del Proyecto en sshNodeCommand. La función sshNodeCommand construía un script de shell sin escapar correctamente la ruta del proyecto proporcionada por el usuario en un mensaje de error. Cuando el comando cd fallaba, la ruta sin escapar se interpolaba directamente en una declaración echo, permitiendo la ejecución arbitraria de comandos en el host SSH remoto. La función parseSSHTarget no validaba que las cadenas de destino SSH no pudieran comenzar con un guion. Un objetivo proporcionado por el atacante como -oProxyCommand=... sería interpretado como una bandera de configuración SSH en lugar de un nombre de host, permitiendo la ejecución arbitraria de comandos en la máquina local. Este problema ha sido parcheado en la versión 2026.1.29."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":6.0}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*","versionEndExcluding":"2026.1.29","matchCriteriaId":"4801AF60-B3F7-4C05-A4A1-F8443F445ACD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"}]}]}],"references":[{"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-q284-4pvr-m585","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}