CVE-2026-32017
Published: 19 March 2026
Summary
CVE-2026-32017 is a high-severity Incomplete List of Disallowed Inputs (CWE-184) vulnerability in OpenClaw. Its CVSS base score is 7.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE is ranked at the 15.0th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): directly requires timely remediation of the allowlist bypass flaw in OpenClaw's safeBins policy by patching to version 2026.2.19 or later.
- SI-10 (Information Input Validation): mandates validation of command-line arguments as information inputs to the exec policy, preventing short-option bypasses that enable unauthorized file writes.
- Least functionality: enforces restriction to essential whitelisted binaries and functions, limiting overall executable capabilities and so reducing the impact of an incomplete safeBins allowlist check.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The remote allowlist bypass in OpenClaw directly enables exploitation of a public-facing application (T1190); the resulting arbitrary file writes produce high integrity impact from low privileges, which maps to Exploitation for Privilege Escalation (T1068).
NVD Description
OpenClaw versions prior to 2026.2.19 contain an allowlist bypass vulnerability in the exec safeBins policy that allows attackers to write arbitrary files using short-option payloads. Attackers can bypass argument validation by attaching short options like -o to whitelisted binaries, enabling unauthorized file-write operations that should be denied by safeBins checks.
Deeper analysis
CVE-2026-32017 is an allowlist bypass vulnerability in the exec safeBins policy of OpenClaw versions prior to 2026.2.19. The flaw enables attackers to write arbitrary files by attaching short-option payloads, such as -o, to whitelisted binaries, thereby circumventing argument validation checks that are intended to block unauthorized file-write operations. This issue is classified under CWE-184 (Incomplete List of Disallowed Inputs) with a CVSS v3.1 base score of 7.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L), indicating high integrity impact potential over the network with low privileges required.
Attackers with low-privilege access (PR:L) can exploit this vulnerability remotely (AV:N) with low complexity (AC:L) and no user interaction (UI:N). By appending short options to arguments of safeBins-whitelisted binaries, they bypass the policy's restrictions, achieving unauthorized arbitrary file writes that compromise system integrity (I:H) and cause limited availability disruption (A:L), without affecting confidentiality.
The fix ships in OpenClaw version 2026.2.19 and later; the patches are detailed in GitHub commits bafdbb6f112409a65decd3d4e7350fbd637c7754, cfe8457a0f4aae5324daec261d3b0aad1461a4bc, and fec48a5006eab37c6a5821726ccaeec886486b13. Additional guidance is available in the project's security advisory GHSA-3x3x-h76w-hp98 and in VulnCheck's advisory on the short-option bypass. Security practitioners should upgrade affected installations immediately and review exec safeBins configurations for similar bypass risks.
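To make the CWE-184 pattern concrete, the following added example (constructed for this page, not OpenClaw's code; the binary names, flag sets and `denylistCheck`/`allowlistCheck` functions are assumptions) places a denylist-style argument check that misses short options next to a default-deny, per-binary flag allowlist that also unpacks clustered and attached short forms:

```typescript
// Constructed safeBins-style exec policy checkers (illustration, not OpenClaw's code).
// Each checker decides whether `bin` may run with `args`.

const SAFE_BINS = new Set(["curl", "wc"]); // assumed binary allowlist

// Vulnerable variant (CWE-184): blocks a list of known file-writing long options
// but never considers their short aliases, so `-o <path>` slips through.
const DENIED_LONG_OPTS = ["--output", "--output-dir", "--remote-name"];

function denylistCheck(bin: string, args: string[]): boolean {
  if (!SAFE_BINS.has(bin)) return false;
  return !args.some((a) =>
    DENIED_LONG_OPTS.some((d) => a === d || a.startsWith(d + "="))
  );
}

// Hardened variant: only explicitly allowed flags per binary; everything else
// that looks like an option is denied by default. Flags that take a file path
// (such as -o) are simply absent from the allowlist.
const ALLOWED_FLAGS: Record<string, Set<string>> = {
  curl: new Set(["-s", "--silent", "-L", "--location"]),
  wc: new Set(["-l", "-c", "-w"]),
};

// Normalise one argument into the flags it carries:
//   --opt=value -> ["--opt"],  -sLo -> ["-s", "-L", "-o"],  positional -> []
function expandArg(arg: string): string[] {
  if (arg.startsWith("--")) return [arg.split("=", 1)[0]];
  if (arg.startsWith("-") && arg.length > 1) {
    return arg.slice(1).split("").map((ch) => "-" + ch);
  }
  return [];
}

function allowlistCheck(bin: string, args: string[]): boolean {
  const allowed = ALLOWED_FLAGS[bin];
  if (!allowed) return false; // unknown binary: default deny
  for (const arg of args) {
    for (const flag of expandArg(arg)) {
      if (!allowed.has(flag)) return false; // unlisted option, attached or clustered
    }
  }
  return true;
}
```

Values consumed by an allowed flag and binary-specific behaviours such as config-file reads still need their own handling; the allowlist above only closes the option-spelling gap.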
Details
- CWE(s)