OpenClaw < 2026.2.19 - Command Injection via Unescaped Environment Variables in Windows Scheduled Task Script Generation

OpenClaw versions prior to 2026.2.19 contain a command injection vulnerability in Windows Scheduled Task script generation where environment variables are written to gateway.cmd using unquoted set KEY=VALUE assignments, allowing shell metacharacters to break out of assignment context. Attackers can inject arbitrary commands through environment variable values containing metacharacters like &, |, ^, %, or ! to achieve command execution when the scheduled task script is generated and executed.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L

OS命令中使用的特殊元素转义处理不恰当(OS命令注入)

OpenClaw 操作系统命令注入漏洞

OpenClaw是OpenClaw开源的一个智能人工助理。 OpenClaw 2026.2.19之前版本存在操作系统命令注入漏洞，该漏洞源于Windows计划任务脚本生成中存在命令注入，环境变量使用未加引号的set KEY=VALUE赋值写入gateway.cmd，允许shell元字符突破赋值环境，攻击者可通过包含特殊元字符的环境变量值注入任意命令。

N/A

N/A