OpenClaw / Clawdbot / Moltbot < 2026.1.29 Multiple Vulnerabilities

Severity: High | Nessus Plugin ID 297816

Synopsis

The remote host is affected by multiple vulnerabilities.

Description

The version of OpenClaw / Clawdbot / Moltbot installed on the remote host is prior to 2026.1.29. It is, therefore, affected by multiple vulnerabilities:

- A command injection vulnerability exists in OpenClaw's Docker sandbox execution mechanism due to unsafe handling of the PATH environment variable when constructing shell commands. An authenticated user able to control environment variables could influence command execution within the container context. (CVE-2026-24763)

- The sshNodeCommand function constructed a shell script without properly escaping the user-supplied project path in an error message. When the cd command failed, the unescaped path was interpolated directly into an echo statement, allowing arbitrary command execution on the remote SSH host. The parseSSHTarget function did not validate that SSH target strings could not begin with a dash. An attacker-supplied target like -oProxyCommand=... would be interpreted as an SSH configuration flag rather than a hostname, allowing arbitrary command execution on the local machine. (CVE-2026-25157)

- OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value. (CVE-2026-25253)
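All three findings above are input-handling defects of the same family: a value from outside the trust boundary (a PATH entry, a project path, an SSH target, a gatewayUrl query parameter) reaches a shell command or a network connection without being quoted, validated or confirmed. The following Node.js code is an added example of how a defender would harden each of these paths; it is not OpenClaw's own code. The names sshNodeCommand and parseSSHTarget are taken from the advisory text, but their bodies, and the helpers shellQuote, buildRemoteScript, validatePathEnv and isAllowedGatewayUrl, are assumptions about a reasonable fix, not the upstream patch.

```javascript
// Added example, not OpenClaw's own code. sshNodeCommand and parseSSHTarget
// are names from the advisory; every body below is an assumption about how
// such input handling can be hardened, not the project's actual fix.

// POSIX single-quoting: wrap in '...' and turn every embedded ' into '\''.
// The shell expands nothing inside single quotes, so $(...) or backticks in
// a path become literal text instead of a command.
function shellQuote(value) {
  return "'" + String(value).replace(/'/g, "'\\''") + "'";
}

// Accept "host" or "user@host" only. A target beginning with "-" is refused
// outright, because ssh(1) would otherwise read it as an option (the
// -oProxyCommand=... case in the advisory). Hostnames are limited to a
// conservative character set; IPv6 literals are deliberately not handled.
function parseSSHTarget(target) {
  if (typeof target !== "string" || target.length === 0) {
    throw new Error("SSH target must be a non-empty string");
  }
  if (target.startsWith("-")) {
    throw new Error("SSH target must not begin with a dash");
  }
  const m = /^(?:([A-Za-z0-9._-]+)@)?([A-Za-z0-9.-]+)$/.exec(target);
  if (!m || m[2].startsWith("-")) {
    throw new Error("SSH target contains unexpected characters");
  }
  return { user: m[1] || null, host: m[2] };
}

// Remote script: the project path is quoted in every position it appears,
// including the error branch that the advisory says was left unescaped.
function buildRemoteScript(projectPath) {
  const q = shellQuote(projectPath);
  return `cd ${q} || { echo "cannot cd to" ${q} >&2; exit 1; }`;
}

// Returns the argv a caller would hand to child_process.spawn (no local
// shell involved). "--" ends option parsing, so the destination can never
// be read as a flag even if parseSSHTarget were later relaxed.
function sshNodeCommand(target, projectPath) {
  const { user, host } = parseSSHTarget(target);
  const dest = user ? `${user}@${host}` : host;
  return { command: "ssh", args: ["--", dest, buildRemoteScript(projectPath)] };
}

// Sandbox environment: a PATH that will be folded into a shell command must
// consist only of absolute directories made of filesystem-safe characters.
function validatePathEnv(pathValue) {
  if (typeof pathValue !== "string" || pathValue.length === 0) return false;
  return pathValue
    .split(":")
    .every((entry) => /^\/[A-Za-z0-9._\/-]*$/.test(entry));
}

// gatewayUrl taken from a query string: connect automatically only when it
// is a wss:// URL whose host is on an explicit allowlist and carries no
// embedded credentials. Anything else should fall back to prompting the
// user before a token is sent anywhere.
function isAllowedGatewayUrl(raw, allowedHosts) {
  let u;
  try {
    u = new URL(raw);
  } catch (e) {
    return false;
  }
  if (u.protocol !== "wss:") return false;
  if (u.username || u.password) return false;
  return allowedHosts.includes(u.hostname);
}

// Demonstration on constructed inputs when run directly with node.
console.log(sshNodeCommand("alice@build.example", "/srv/proj it's").args);
console.log(validatePathEnv("/usr/local/bin:/usr/bin:/bin"));
console.log(isAllowedGatewayUrl("wss://gateway.example/ws", ["gateway.example"]));
```

The design choice worth noting is that quoting and validation happen at different layers: shellQuote makes the remote script safe regardless of what the path contains, while parseSSHTarget and the leading "--" together make the local ssh invocation safe even if one of the two checks is later weakened. For the gatewayUrl case the function only decides whether an automatic connection is permissible; the caller is expected to prompt the user in every other case rather than connect silently.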

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to OpenClaw / Clawdbot / Moltbot version 2026.1.29 or later.

See Also

http://www.nessus.org/u?3e016011

http://www.nessus.org/u?375228ba

http://www.nessus.org/u?7fad2778

Plugin Details

Severity: High

ID: 297816

File Name: clawdbot_CVE-2026-25253.nasl

Version: 1.1

Type: local

Agent: windows, macosx, unix

Published: 2/4/2026

Updated: 2/4/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.2

CVSS v2

Risk Factor: High

Base Score: 9.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:C

CVSS Score Source: CVE-2026-25253

CVSS v3

Risk Factor: High

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: x-cpe:/a:molty:moltbot

Required KB Items: installed_sw/Molty Clawdbot Moltbot

Patch Publication Date: 1/31/2026

Vulnerability Publication Date: 1/31/2026

Reference Information

CVE: CVE-2026-24763, CVE-2026-25157, CVE-2026-25253