CVE-2026-22177
Published: 18 March 2026
Summary
CVE-2026-22177 is a medium-severity External Control of System or Configuration Setting (CWE-15) vulnerability in OpenClaw (vendor: OpenClaw). Its CVSS base score is 6.1 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Command and Scripting Interpreter (T1059). Its exploit likelihood ranks in the 7.2 percentile (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 CM-5 (Access Restrictions for Change) and SI-10 (Information Input Validation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): directly requires validation and filtering of dangerous process-control environment variables such as NODE_OPTIONS or LD_* from configuration inputs at startup.
- CM-5 (Access Restrictions for Change): restricts low-privilege local access to OpenClaw configuration files and change mechanisms, preventing injection of malicious environment variables.
- Flaw remediation: mandates timely patching to OpenClaw 2026.2.21 or later, which implements the necessary environment variable filtering.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability enables arbitrary code execution at service startup via injection of LD_* (dynamic linker hijacking) and NODE_OPTIONS (script interpreter abuse) environment variables from configuration.
NVD Description
OpenClaw versions prior to 2026.2.21 fail to filter dangerous process-control environment variables from config env.vars, allowing startup-time code execution. Attackers can inject variables like NODE_OPTIONS or LD_* through configuration to execute arbitrary code in the OpenClaw gateway service runtime context.
Deeper analysis
CVE-2026-22177 affects OpenClaw versions prior to 2026.2.21, where the software fails to filter dangerous process-control environment variables from configuration environment variables. This vulnerability, classified under CWE-15 (External Control of System or Configuration Setting), enables startup-time code execution in the OpenClaw gateway service runtime context. Attackers can inject variables such as NODE_OPTIONS or LD_* through configuration to execute arbitrary code. The issue received a CVSS v3.1 base score of 6.1 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L) and was published on 2026-03-18.
Local attackers with low privileges can exploit this vulnerability by injecting malicious environment variables into OpenClaw configurations. Exploitation requires local access and low complexity with no user interaction, allowing arbitrary code execution at service startup within the gateway's runtime context. This results in high integrity impact and low availability impact, but no confidentiality impact, and the scope remains unchanged.
Mitigation details are provided in GitHub Security Advisories GHSA-8fmp-37rc-p5g7 and GHSA-w9j9-w4cp-6wgr, a patch commit at https://github.com/openclaw/openclaw/commit/2cdbadee1f8fcaa93302d7debbfc529e19868ea4, and a VulnCheck advisory at https://www.vulncheck.com/advisories/openclaw-environment-variable-injection-via-config-env-vars. Updating to OpenClaw version 2026.2.21 or later addresses the filtering failure.
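To show the kind of startup-time filtering the fix calls for (SI-10 above), here is an added example that is not OpenClaw's own code: it drops process-control variables from a config-supplied env block before that block is merged into the service environment. The `env.vars` shape, the denylist and the sample config are assumptions modelled on the advisory text, and the denylist is broader than the two names the advisory cites.

```javascript
// Added example (not OpenClaw's implementation): reject process-control
// environment variables coming from a config file before they reach the
// gateway process. The config shape and denylist are assumptions.

// Exact names that change how the Node.js interpreter starts up.
const BLOCKED_EXACT = new Set([
  'NODE_OPTIONS',         // injects Node.js CLI flags such as --require
  'NODE_EXTRA_CA_CERTS',  // changes TLS trust at startup
]);
// Prefixes that reach the dynamic linker (glibc honours any LD_* variable,
// the macOS loader honours DYLD_*).
const BLOCKED_PREFIXES = ['LD_', 'DYLD_'];

function isDangerousEnvVar(name) {
  // Compare case-insensitively: Windows treats variable names that way,
  // and being conservative costs nothing here.
  const upper = name.toUpperCase();
  if (BLOCKED_EXACT.has(upper)) return true;
  return BLOCKED_PREFIXES.some((prefix) => upper.startsWith(prefix));
}

// Returns { env, rejected }: env is safe to spread over process.env,
// rejected lists the names that were dropped so they can be logged.
function filterConfigEnv(configVars) {
  const env = {};
  const rejected = [];
  for (const [name, value] of Object.entries(configVars || {})) {
    // '=' or control characters in a name, or NUL in a value, can smuggle
    // extra variables through some loaders: reject rather than sanitise.
    if (/[\x00-\x1f=]/.test(name) || /\x00/.test(String(value))) {
      rejected.push(name);
      continue;
    }
    if (isDangerousEnvVar(name)) {
      rejected.push(name);
      continue;
    }
    env[name] = String(value);
  }
  return { env, rejected };
}

// Constructed sample config: two benign variables and two injection attempts.
const sampleConfigVars = {
  OPENCLAW_LOG_LEVEL: 'info',
  TZ: 'UTC',
  NODE_OPTIONS: '--require /tmp/hook.js',
  LD_PRELOAD: '/tmp/hook.so',
};
```

Logging the `rejected` names at startup turns an attempted injection into a detectable event rather than a silent drop.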
Details
- CWE(s): CWE-15 (External Control of System or Configuration Setting)