
The China Academy of Information and Communications Technology collaborates with universities to discover and fix the high-risk command injection vulnerability in OpenClaw

Mar 16, 2026 19:02:01


According to market news, a joint team from the China Academy of Information and Communications Technology, Shanghai Jiao Tong University, and Nanjing University discovered a high-risk LLM-driven command injection vulnerability in the bash-tools module of the open-source autonomous intelligent agent framework OpenClaw during a security audit. The vulnerability arises because the system fails to strictly escape command-line parameters generated by the LLM. This allows attackers to bypass regex defenses with prompts that induce the model to emit malicious parameters, achieving remote code execution on the host machine and stealing sensitive data.

The research team has completed attack validation in various mainstream model environments, initiated a responsible vulnerability disclosure process, and submitted repair suggestions to the NVDB Artificial Intelligence Product Security Vulnerability Professional Database (CAIVD) and the GitHub community.
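The class of flaw described above, as an added example that is not OpenClaw's code or the research team's: a regex deny-list over a shell string beside a hardened path that passes model output only as argv items to an allowlisted binary. The deny-list pattern, the tool name `show_args`, the helper names and the sample model output are all constructed assumptions.

```python
import json
import re
import subprocess
import sys

# Constructed deny-list standing in for a regex filter over a shell string.
# It is NOT OpenClaw's actual pattern.
DENYLIST = re.compile(r"[;&|]|\brm\b")

# Hypothetical allowlist: tool name -> fixed argv prefix. The stand-in "tool"
# is the current Python interpreter echoing back the arguments it received.
ALLOWED_TOOLS = {
    "show_args": [sys.executable, "-c",
                  "import sys, json; print(json.dumps(sys.argv[1:]))"],
}

# Constructed model output: a file name carrying shell command substitution.
MODEL_ARG = "notes.txt$(echo INJECTED)"


def denylist_accepts(shell_string: str) -> bool:
    """Weak pattern: approve a shell string when no listed token matches."""
    return DENYLIST.search(shell_string) is None


def run_tool(tool: str, args: list) -> list:
    """Hardened pattern: allowlisted binary, model text only as argv items."""
    if tool not in ALLOWED_TOOLS:
        raise PermissionError(f"tool not allowlisted: {tool!r}")
    for arg in args:
        if not isinstance(arg, str) or "\x00" in arg:
            raise ValueError("argument must be a string without NUL bytes")
        if arg.startswith("-"):
            raise ValueError(f"option-like argument rejected: {arg!r}")
    # A list argv with the default shell=False means no shell ever parses the
    # arguments, so metacharacters reach the program as literal text.
    done = subprocess.run(ALLOWED_TOOLS[tool] + list(args), capture_output=True,
                          text=True, check=True, timeout=10)
    return json.loads(done.stdout)


if __name__ == "__main__":
    # The deny-list approves the string even though a shell would expand $(...).
    print("deny-list accepts:", denylist_accepts("cat " + MODEL_ARG))
    # The argv path hands the same text to the tool unchanged and unexpanded.
    print("tool received:", run_tool("show_args", [MODEL_ARG]))
```

The deny-list fails open on any syntax its author did not anticipate, while the argv path has no shell grammar to anticipate in the first place.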
