CVE-2026-32030 in OpenClaw

Summary

by MITRE • 03/20/2026

OpenClaw versions prior to 2026.2.19 contain a path traversal vulnerability in the stageSandboxMedia function that accepts arbitrary absolute paths when iMessage remote attachment fetching is enabled. An attacker who can tamper with attachment path metadata can disclose files readable by the OpenClaw process on the configured remote host via SCP.


Analysis

by VulDB Data Team • 03/26/2026

The vulnerability identified as CVE-2026-32030 represents a critical path traversal flaw within OpenClaw software versions prior to 2026.2.19. This security weakness specifically affects the stageSandboxMedia function which handles iMessage remote attachment fetching capabilities. The flaw manifests when the application processes attachment metadata that contains arbitrary absolute paths, creating an avenue for unauthorized file access. The vulnerability is particularly concerning because it leverages the legitimate iMessage attachment handling functionality to execute malicious file disclosure operations, making it difficult to distinguish from normal application behavior.

Technically, the vulnerability stems from inadequate input validation in the stageSandboxMedia function. When iMessage remote attachment fetching is enabled, the function accepts metadata containing absolute file paths without sanitization or validation, so an attacker who can alter the path stored in attachment metadata can bypass the intended file system access controls. The flaw lets an attacker traverse file system paths and read any file that is accessible to the OpenClaw process running on the remote host. Because the application fetches attachments with the Secure Copy Protocol (SCP), the disclosure occurs over that transfer channel, extending the attack surface beyond simple local file system traversal.

The operational impact of this vulnerability extends beyond simple information disclosure, as it provides attackers with the capability to access sensitive files on the target system that are readable by the OpenClaw process. This could include configuration files, user data, or system information that may reveal additional attack vectors or compromise the integrity of the entire system. The vulnerability is particularly dangerous in environments where OpenClaw operates with elevated privileges or has access to sensitive data repositories. The attack requires minimal privileges to execute and can be performed by an attacker who can manipulate attachment metadata, potentially through social engineering or compromised communication channels.

Security professionals should apply immediate mitigations, starting with an update to OpenClaw version 2026.2.19 or later, which contains the patch for this vulnerability. Administrators should also disable iMessage remote attachment fetching if it is not essential to operations, since this removes the attack vector entirely. Network segmentation and monitoring should be in place to detect suspicious SCP traffic patterns that may indicate exploitation attempts. The vulnerability is classified as CWE-22 Path Traversal and maps to ATT&CK technique T1074 Data Staged, underscoring the importance of proper input validation and privilege separation in application design. Organizations should additionally audit all applications that handle remote file operations for similar weaknesses in their infrastructure.
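To make the mitigation concrete, the following is an added illustration (not OpenClaw's own code) of how a staging routine can confine attachment paths taken from metadata to a fixed remote root before constructing an SCP fetch. The function name stage_sandbox_media is borrowed from the advisory; the attachments root, the metadata shape and the character allowlist are assumptions.

```python
"""Defensive path confinement for staging a remote iMessage attachment.

Added illustration, not OpenClaw's code: the root directory, metadata
shape and character allowlist are assumptions modelled on the advisory.
"""
import re
from pathlib import PurePosixPath

# Assumption: staged attachments must live under this root on the remote host.
REMOTE_ATTACHMENTS_ROOT = PurePosixPath("/Users/imessage/Library/Messages/Attachments")
# Conservative allowlist for characters handed to the scp command line.
_SAFE_PATH_CHARS = re.compile(r"^[A-Za-z0-9._ /-]+$")


class UnsafeAttachmentPath(ValueError):
    """Attachment metadata named a path the staging code must not fetch."""


def resolve_attachment_path(metadata_path: str) -> PurePosixPath:
    """Map a metadata path onto the allowed root, or raise.

    Rejects absolute paths (the CVE-2026-32030 vector), '..' components,
    empty paths and disallowed characters, so the result is always a file
    strictly below REMOTE_ATTACHMENTS_ROOT.
    """
    if not metadata_path or not _SAFE_PATH_CHARS.match(metadata_path):
        raise UnsafeAttachmentPath(f"rejected characters in {metadata_path!r}")
    candidate = PurePosixPath(metadata_path)
    if candidate.is_absolute():
        raise UnsafeAttachmentPath(f"absolute path in metadata: {metadata_path!r}")
    parts = [p for p in candidate.parts if p != "."]
    if not parts or ".." in parts:
        raise UnsafeAttachmentPath(f"traversal or empty path: {metadata_path!r}")
    resolved = REMOTE_ATTACHMENTS_ROOT.joinpath(*parts)
    # Belt-and-braces: the joined path must remain strictly under the root.
    if REMOTE_ATTACHMENTS_ROOT not in resolved.parents:
        raise UnsafeAttachmentPath(f"escaped root: {metadata_path!r}")
    return resolved


def stage_sandbox_media(attachment: dict, user: str, host: str, sandbox_dir: str) -> list:
    """Build (but do not run) the scp argv that would stage one attachment."""
    remote = resolve_attachment_path(attachment["path"])  # assumed metadata key
    return ["scp", f"{user}@{host}:{remote}", sandbox_dir]


if __name__ == "__main__":
    # Constructed sample metadata, not real iMessage records.
    ok = {"guid": "A1B2", "path": "3f/ab/A1B2/IMG_0001.HEIC"}
    print(stage_sandbox_media(ok, "openclaw", "imac.local", "/tmp/sandbox"))
    for bad in ("/etc/hosts", "../../../etc/hosts", "3f/./../..", ""):
        try:
            stage_sandbox_media({"guid": "X", "path": bad}, "openclaw", "imac.local", "/tmp/sandbox")
        except UnsafeAttachmentPath as exc:
            print("blocked:", exc)
```

Because the validated path is always joined onto the fixed root, a metadata value beginning with "-" cannot be turned into an scp option either.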

Responsible

VulnCheck

Reservation

03/10/2026

Disclosure

03/20/2026

Moderation

accepted

CPE

ready

EPSS

0.00077

KEV

no

Activities

very low
