VulnCheck — CraftedSignal Threat Feedhttps://feed.craftedsignal.io/vendors/vulncheck/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioWed, 06 May 2026 20:16:35 +0000OpenClaw Heredoc Shell Expansion Bypass (CVE-2026-44115)https://feed.craftedsignal.io/briefs/2026-05-openclaw-heredoc-bypass/Wed, 06 May 2026 20:16:35 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-05-openclaw-heredoc-bypass/OpenClaw before 2026.4.22 is vulnerable to shell expansion in unquoted heredoc bodies, allowing attackers to bypass exec allowlist validation and execute unauthorized commands.OpenClaw before version 2026.4.22 contains an exec allowlist analysis vulnerability that allows for shell expansion within unquoted heredoc bodies. This vulnerability, identified as CVE-2026-44115, enables attackers to bypass the intended allowlist restrictions by embedding shell expansion tokens directly into the heredoc content. When OpenClaw processes these heredocs, the embedded tokens are expanded, leading to the execution of commands that would otherwise be blocked by the allowlist. This vulnerability was reported by VulnCheck and addressed in version 2026.4.22. Successful exploitation allows an attacker with low privileges to execute arbitrary commands on the system.

Attack Chain

  1. Attacker crafts a malicious input containing an unquoted heredoc.
  2. The heredoc body includes shell expansion tokens (e.g., ${IFS}).
  3. The attacker submits the malicious input to OpenClaw.
  4. OpenClaw processes the input and passes it to the vulnerable heredoc parsing logic.
  5. The shell expansion tokens within the heredoc body are expanded before allowlist validation.
  6. The expanded command is executed, bypassing the intended restrictions.
  7. Attacker achieves arbitrary command execution on the system.

Impact

Successful exploitation of this vulnerability allows attackers to execute commands that should be blocked by the configured allowlist. This can lead to a variety of negative outcomes, including unauthorized access to sensitive data, modification of system configurations, or even complete system compromise. The severity is high due to the relative ease of exploitation (low privileges required) and the potential for significant impact on the affected system.

Recommendation

  • Upgrade OpenClaw to version 2026.4.22 or later to remediate CVE-2026-44115.
  • Deploy the Sigma rule Detect Suspicious Heredoc Usage to identify potential exploitation attempts.
  • Monitor webserver logs for suspicious activity related to OpenClaw, and review any unusual commands being executed on the system.
]]>highadvisorycve-2026-44115shell-expansionheredocallowlist-bypassincomplete-list-of-disallowed-inputs