The China Academy of Information and Communications Technology (CAICT), in collaboration with Shanghai Jiao Tong University and Nanjing University, has identified and patched a high-risk command injection vulnerability in OpenClaw. The vulnerability, found in the bash-tools module of the open-source autonomous intelligent agent framework, was discovered during a security audit. It allowed attackers to bypass defenses and achieve remote code execution by exploiting command-line arguments generated by an LLM. The research team successfully verified the attack across various mainstream model environments and has submitted remediation suggestions to the NVDB AI Product Security Vulnerability Database and the GitHub community. This proactive measure aims to enhance the security of OpenClaw and protect sensitive data from potential exploitation.