Security Advisories | Source: GitHub Security Advisories

[openclaw] OpenClaw Canvas Path Traversal Information Disclosure Vulnerability

By GitHub
March 3, 2026

ZDI-CAN-29312: OpenClaw Canvas Path Traversal Information Disclosure Vulnerability

-- ABSTRACT -------------------------------------

Trend Micro's Zero Day Initiative has identified a vulnerability affecting the following products:

OpenClaw - OpenClaw

-- VULNERABILITY DETAILS ------------------------

Version tested: openclaw 2026.2.17
Platform tested: macOS 26.3

Analysis Description

The OpenClaw gateway's canvas tool accepts an a2ui_push action with a jsonlPath parameter that specifies a filesystem path to read. The gateway reads this file using fs.readFile() with no path validation, canonicalization, or directory restriction. An authenticated attacker can supply an arbitrary absolute or relative path to read any file accessible to the gateway process. The file contents are forwarded to the connected node client via the canvas.a2ui.pushJSONL WebSocket command. The gateway itself returns { ok: true } to the HTTP caller, confirming the file was read and transmitted...

---

**[devsupporter commentary]**

This article is the latest development news provided by GitHub Security Advisories. To learn more about the related tools or technologies, refer to the original link.