This exploit leverages a path traversal vulnerability in KeepNote 0.7.8 during backup import, allowing arbitrary file writes via a crafted tar.gz archive. The PoC demonstrates writing to /home/root/.bashrc to achieve remote command execution when the bash shell is invoked.
Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:KeepNote 0.7.8
No auth needed
Prerequisites:KeepNote 0.7.8 installed · Ability to import a malicious backup file