EIP-2026-102847

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102847. PoCs published by forensec.

AI-analyzed exploit summary This exploit targets a local stack-based buffer overflow in the GKrellWeather plugin for GKrellM (version 0.2.7). It injects shellcode via an environment variable and overwrites the return address to execute arbitrary code, potentially leading to privilege escalation if combined with sudo misconfigurations.

Description

GKrellM GKrellWeather 0.2.7 Plugin - Local Stack Buffer Overflow

Exploits (1)

exploitdb WORKING POC VERIFIED

by forensec · clocallinux

https://www.exploit-db.com/exploits/31151

View Code ZIP pw:eip

This exploit targets a local stack-based buffer overflow in the GKrellWeather plugin for GKrellM (version 0.2.7). It injects shellcode via an environment variable and overwrites the return address to execute arbitrary code, potentially leading to privilege escalation if combined with sudo misconfigurations.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: GKrellWeather plugin for GKrellM 0.2.7

No auth needed

Prerequisites: Local access to the target system · GKrellM with GKrellWeather plugin installed · Write access to the user-config file (~/.gkrellm2/user-config) · Sudo misconfiguration for privilege escalation (optional)

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

GKrellM GKrellWeather 0.2.7 Plugin - Local Stack Buffer Overflow

Exploitation Summary

Description

Exploits (1)

Details