Leanote 2.7.0 - Local File Read
5,5
Medium
Discovered by
Offensive Team, Fluid Attacks
Summary
Full name
Leanote 2.7.0 - Local File Read
Code name
State
Public
Release date
6 feb 2024
Affected product
Leanote
Affected version(s)
Version 2.7.0
Vulnerability name
Lack of data validation - Path Traversal
Vulnerability type
Remotely exploitable
No
CVSS v3.1 vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVSS v3.1 base score
5.5
Exploit available
Yes
CVE ID(s)
Description
Leanote version 2.7.0 allows obtaining arbitrary local files. This is possible because the application is vulnerable to LFR.
Vulnerability
A local file read (LFR) vulnerability has been identified in Leanote that allows an attacker to obtain arbitrary local files from the server. This was possible because not all security considerations that an electron-based application should have were followed.
Exploit
exploit.html
entrypoint.html
Our security policy
We have reserved the ID CVE-2024-0849 to refer to this issue from now on. Disclosure policy
System Information
Version: Leanote 2.7.0
Operating System: MacOS
Mitigation
There is currently no patch available for this vulnerability.
References
Vendor page https://github.com/leanote/desktop-app
Timeline
IA generativa
23 ene 2023
Vendor contacted
23 ene 2023
Public disclosure
6 feb 2023
