CVE-2026-28447
Published: 05 March 2026
Summary
CVE-2026-28447 is a high-severity path traversal (CWE-22) vulnerability in OpenClaw. Its CVSS base score is 8.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Malicious File (T1204.002). The vulnerability ranks at the 12.4th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a referenced public proof-of-concept.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): directly prevents path traversal by validating plugin package names and paths to block sequences like '..' before any file write operation.
- SI-2 (Flaw Remediation): mandates timely flaw remediation, such as upgrading OpenClaw to version 2026.2.1, to eliminate the path traversal vulnerability.
- Restriction of user-installed software: limits what users may install, such as plugins, preventing execution of the vulnerable 'plugins install' command with malicious packages.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Path traversal in the plugin installer enables an arbitrary file write when a victim runs install on an attacker-crafted package (T1204.002); the resulting write of package contents to attacker-chosen locations directly facilitates transfer of malicious files/tools onto the system (T1105).
NVD Description
OpenClaw versions 2026.1.29-beta.1 prior to 2026.2.1 contain a path traversal vulnerability in plugin installation that allows malicious plugin package names to escape the extensions directory. Attackers can craft scoped package names containing path traversal sequences like .. to write files outside the intended installation directory when victims run the plugins install command.
Deeper analysis
CVE-2026-28447 is a path traversal vulnerability (CWE-22) in the plugin installation feature of OpenClaw versions 2026.1.29-beta.1 prior to 2026.2.1. The flaw allows malicious plugin package names, particularly scoped names containing path traversal sequences like "..", to escape the intended extensions directory and write files to arbitrary locations outside the installation path when victims execute the "plugins install" command.
The vulnerability can be exploited by remote attackers requiring no privileges (PR:N) over the network (AV:N) with low attack complexity (AC:L), though it demands user interaction (UI:R) such as installing a crafted plugin package. Successful exploitation enables high-impact integrity (I:H) and availability (A:H) compromises with no confidentiality impact (C:N) and unchanged scope (S:U), earning a CVSS v3.1 base score of 8.1. Attackers can achieve arbitrary file writes beyond the extensions directory, potentially leading to system compromise depending on the targeted paths and permissions.
Advisories recommend upgrading to OpenClaw version 2026.2.1 or later to mitigate the issue. Detailed guidance is available in the GitHub security advisory (GHSA-qrq5-wjgg-rvqw) at https://github.com/openclaw/openclaw/security/advisories/GHSA-qrq5-wjgg-rvqw, the patching commit at https://github.com/openclaw/openclaw/commit/d03eca8450dc493b198a88b105fd180895238e57, and the VulnCheck advisory at https://www.vulncheck.com/advisories/openclaw-beta-path-traversal-in-plugin-installation-via-package-name.
Details
- CWE(s)