支持本站 — 捐款将帮助我们持续运营

目标:1000 元,已筹:752

75.2%
立即捐款
一、 漏洞 CVE-2021-43798 基础信息
漏洞信息
                                        # Grafana 路径遍历漏洞

## 漏洞概述
Grafana 开源平台版本 8.0.0-beta1 至 8.3.0(除了修复版本)存在目录穿越漏洞,可以访问本地文件。

## 影响版本
- 8.0.0-beta1 至 8.3.0(除了修复版本)

## 细节
- 漏洞路径:`<grafana_host_url>/public/plugins//`,其中是任何已安装插件的插件ID。
- 受影响的 URL 路径存在目录穿越漏洞,允许未经授权的用户访问本地文件。
- 建议用户升级到已修复版本 8.0.7、8.1.8、8.2.7 或 8.3.1。
- Grafana Cloud 从未受到影响。

## 影响
- 未经授权的用户可能访问本地文件,导致信息泄露。
- 建议用户立即升级以防止潜在的安全威胁。
神龙判断

是否为 Web 类漏洞:

判断理由:

是。这个漏洞涉及Grafana服务端,允许攻击者通过目录遍历访问服务器上的本地文件。具体是通过特定的URL路径实现的,这直接影响了Web服务的安全性。
提示
尽管我们采用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。
神龙会尽力确保数据准确,但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利!
漏洞标题
Grafana path traversal
来源:美国国家漏洞数据库 NVD
漏洞描述信息
Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `<grafana_host_url>/public/plugins//`, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. The GitHub Security Advisory contains more information about vulnerable URL paths, mitigation, and the disclosure timeline.
来源:美国国家漏洞数据库 NVD
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
来源:美国国家漏洞数据库 NVD
漏洞类别
对路径名的限制不恰当(路径遍历)
来源:美国国家漏洞数据库 NVD
漏洞标题
Grafana 路径遍历漏洞
来源:中国国家信息安全漏洞库 CNNVD
漏洞描述信息
Grafana是Grafana实验室的一套提供可视化监控界面的开源监控工具。该工具主要用于监控和分析Graphite、InfluxDB和Prometheus等。 Grafana 8.0.0-beta1至8.3.0存在路径遍历漏洞,攻击者可利用该漏洞执行目录遍历攻击,访问本地文件。
来源:中国国家信息安全漏洞库 CNNVD
CVSS信息
N/A
来源:中国国家信息安全漏洞库 CNNVD
漏洞类别
路径遍历
来源:中国国家信息安全漏洞库 CNNVD
二、漏洞 CVE-2021-43798 的公开POC
#POC 描述源链接神龙链接
1CVE-2021-43798 - Grafana 8.x Path Traversal (Pre-Auth)https://github.com/taythebot/CVE-2021-43798POC详情
2Grafana Arbitrary File Reading Vulnerabilityhttps://github.com/zer0yu/CVE-2021-43798POC详情
3Grafana Unauthorized arbitrary file reading vulnerabilityhttps://github.com/jas502n/Grafana-CVE-2021-43798POC详情
4CVE-2021-43798 Grafana 任意文件读取漏洞 POC+参数https://github.com/ScorpionsMAX/CVE-2021-43798-Grafana-POCPOC详情
5CVE-2021-43798:Grafana 任意文件读取漏洞https://github.com/Mr-xn/CVE-2021-43798POC详情
6Grafanav8.*版本任意文件读取漏洞批量检测工具:该漏洞目前为0day漏洞,未授权的攻击者利用该漏洞,能够获取服务器敏感文件。https://github.com/asaotomo/CVE-2021-43798-Grafana-ExpPOC详情
7A exploit tool for Grafana Unauthorized arbitrary file reading vulnerability (CVE-2021-43798), it can burst plugins / extract secret_key / decrypt data_source info automatic.https://github.com/A-D-Team/grafanaExpPOC详情
8利用grafan CVE-2021-43798任意文件读漏洞,自动探测是否有漏洞、存在的plugin、提取密钥、解密server端db文件,并输出data_sourrce信息。https://github.com/kenuosec/grafanaExpPOC详情
9grafana CVE-2021-43798任意文件读取漏洞POC,采用多插件轮训检测的方法,允许指定单URL和从文件中读取URLhttps://github.com/M0ge/CVE-2021-43798-grafana_filereadPOC详情
10Grafana File-Read Vulnhttps://github.com/JiuBanSec/Grafana-CVE-2021-43798POC详情
11CVE-2021-43798-Grafana任意文件读取漏洞https://github.com/lfz97/CVE-2021-43798-Grafana-File-ReadPOC详情
12Nonehttps://github.com/s1gh/CVE-2021-43798POC详情
13Simple program for exploit grafanahttps://github.com/z3n70/CVE-2021-43798POC详情
14Grafana-POC任意文件读取漏洞(CVE-2021-43798)https://github.com/Mo0ns/Grafana_POC-CVE-2021-43798POC详情
15CVE-2021-43798Exp多线程批量验证脚本https://github.com/fanygit/Grafana-CVE-2021-43798ExpPOC详情
16CVE-2021-43798 is a vulnerability marked as High priority (CVSS 7.5) leading to arbitrary file read via installed plugins in Grafana application.https://github.com/LongWayHomie/CVE-2021-43798POC详情
17This is a proof-of-concept exploit for Grafana's Unauthorized Arbitrary File Read Vulnerability (CVE-2021-43798).https://github.com/pedrohavay/exploit-grafana-CVE-2021-43798POC详情
18Nonehttps://github.com/gixxyboy/CVE-2021-43798POC详情
19Grafana8.x 任意文件读取https://github.com/Ryze-T/CVE-2021-43798POC详情
20CVE-2021-43798 Grafana任意文件读取https://github.com/k3rwin/CVE-2021-43798-GrafanaPOC详情
21Nonehttps://github.com/gps1949/CVE-2021-43798POC详情
22Nonehttps://github.com/halencarjunior/grafana-CVE-2021-43798POC详情
23运用golang写的grafana批量验证脚本,内置48个验证https://github.com/light-Life/CVE-2021-43798POC详情
24Grafana8.x 任意文件读取https://github.com/rnsss/CVE-2021-43798-pocPOC详情
25Nonehttps://github.com/rodpwn/CVE-2021-43798-mass_scannerPOC详情
26Nonehttps://github.com/aymenbouferroum/CVE-2021-43798_exploitPOC详情
27Script to demonstrate the Grafana directory traversal exploit (CVE-2021-43798).https://github.com/Jroo1053/GrafanaDirInclusionPOC详情
28This repository contains files for reproducing the vulnerability.https://github.com/yasin-cs-ko-ak/grafana-cve-2021-43798POC详情
29Nonehttps://github.com/BJLIYANLIANG/CVE-2021-43798-Grafana-File-ReadPOC详情
30Nonehttps://github.com/lalkaltest/CVE-2021-43798POC详情
31Grafana - Directory Traversal and Arbitrary File Readhttps://github.com/hupe1980/CVE-2021-43798POC详情
32Nonehttps://github.com/G01d3nW01f/CVE-2021-43798POC详情
33This script implements a lab automation where I exploit CVE-2021-43798 to steal user secrets and then gain privileges on a Linux system.https://github.com/mauricelambert/LabAutomationCVE-2021-43798POC详情
34Exploit for grafana CVE-2021-43798https://github.com/FAOG99/GrafanaDirectoryScannerPOC详情
35POC for CVE-2021-43798 written in pythonhttps://github.com/nuker/CVE-2021-43798POC详情
36Nonehttps://github.com/victorhorowitz/grafana-exploit-CVE-2021-43798POC详情
37Nonehttps://github.com/katseyres2/CVE-2021-43798POC详情
38Nonehttps://github.com/Iris288/CVE-2021-43798POC详情
39CVE-2021-43798Exp多线程批量验证脚本https://github.com/faaaany/Grafana-CVE-2021-43798ExpPOC详情
40This repository contains files for reproducing the vulnerability.https://github.com/yasindce1998/grafana-cve-2021-43798POC详情
41Directory Traversal and Arbitrary File Read on Grafanahttps://github.com/wagneralves/CVE-2021-43798POC详情
42A PoC exploit for CVE-2021-43798 - Grafana Directory Traversalhttps://github.com/K3ysTr0K3R/CVE-2021-43798-EXPLOITPOC详情
43Nonehttps://github.com/ticofookfook/CVE-2021-43798POC详情
44Nonehttps://github.com/topyagyuu/CVE-2021-43798POC详情
45Exploit for CVE-2021-43798https://github.com/xchg-rax-rax/CVE-2021-43798POC详情
46Nonehttps://github.com/MalekAlthubiany/CVE-2021-43798POC详情
47Grafana Decryptor for CVE-2021-43798https://github.com/Sic4rio/Grafana-Decryptor-for-CVE-2021-43798POC详情
48Python implementation of a tool for decrypting and encrypting sensitive data in Grafana, specifically addressing the vulnerabilities associated with CVE-2021-43798. Grafana encrypts all data source passwords using the AES algorithm with the secret_key found in the defaults.ini configuration file.https://github.com/sazzad1337/Grafana-CVE-2021-43798POC详情
49Python implementation of a tool for decrypting and encrypting sensitive data in Grafana, specifically addressing the vulnerabilities associated with CVE-2021-43798. Grafana encrypts all data source passwords using the AES algorithm with the secret_key found in the defaults.ini configuration file.https://github.com/0xSAZZAD/Grafana-CVE-2021-43798POC详情
50Automated Exploit Tool for Grafana CVE-2021-43798: Scanning common files that contain juicy informations and extracting SSH keys from compromised users.https://github.com/wezoomagency/GrafXploitPOC详情
51CVE-2021-43798 working exploithttps://github.com/davidr-io/Grafana-8.3-Directory-TraversalPOC详情
52Modified exploit for CVE-2021-43798 compatible with both Windows and Linux hosts.https://github.com/ravi5hanka/CVE-2021-43798-Exploit-for-Windows-and-LinuxPOC详情
53Nonehttps://github.com/monke443/CVE-2021-43798-Grafana-Arbitrary-File-ReadPOC详情
54 Arbitrary file read in Grafana allows an attacker to read server files by abusing a path traversal.https://github.com/monke443/CVE-2021-43798POC详情
55Grafana 8.x is vulnerable to local file inclusion.https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/grafana/grafana-file-read.yamlPOC详情
56Grafana versions 8.0.0-beta1 through 8.3.0 are vulnerable to a local directory traversal, allowing access to local files. The vulnerable URL path is `<grafana_host_url>/public/plugins/NAME/`, where NAME is the plugin ID for any installed plugin.https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-43798.yamlPOC详情
57Nonehttps://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Grafana%208.x%20%E6%8F%92%E4%BB%B6%E6%A8%A1%E5%9D%97%E7%9B%AE%E5%BD%95%E7%A9%BF%E8%B6%8A%E6%BC%8F%E6%B4%9E%20CVE-2021-43798.mdPOC详情
58https://github.com/vulhub/vulhub/blob/master/grafana/CVE-2021-43798/README.mdPOC详情
59Automated Exploit Tool for Grafana CVE-2021-43798: Scanning common files that contain juicy informations and extracting SSH keys from compromised users.https://github.com/hxlxmj/GrafxploitPOC详情
60Updated exploit script for the CVE-2021-43798 https://github.com/suljov/Grafana-LFI-exploitPOC详情
61Automated path traversal testing tool for Grafana plugin endpoints using curl and Bash.https://github.com/abuyazeen/CVE-2021-43798-Grafana-path-traversal-testerPOC详情
62CVE-2021-43798 working exploithttps://github.com/dcryp7/Grafana-8.3-Directory-TraversalPOC详情
63CVE-2021-43798 working exploithttps://github.com/dav1dsec/Grafana-8.3-Directory-TraversalPOC详情
64CVE-2021-43798 working exploithttps://github.com/davidrxchester/Grafana-8.3-Directory-TraversalPOC详情
65grafana CVE-2021-43798任意文件读取漏洞POC,采用多插件轮训检测的方法,允许指定单URL和从文件中读取URLhttps://github.com/MoCh3n/CVE-2021-43798-grafana_filereadPOC详情
66CVE-2021-43798 is a high-severity path traversal vulnerability (CVSS 3.1 score: 7.5) affecting Grafana versions 8.0.0-beta1 through 8.3.0. It allows unauthenticated attackers to read arbitrary files from the server by exploiting improper sanitization in the /public/plugins/:pluginId endpointhttps://github.com/f3d0rq/CVE-2021-43798POC详情
67Python toolkit for decrypting AES-256 and cracking PBKDF2 passwords from Grafana databases usually paired with (CVE-2021-43798)https://github.com/strikoder/Grafana-Password-DecryptorPOC详情
68CVE-2021-4379 Enumeration Toolshttps://github.com/baktistr/cve-2021-43798-enumPOC详情
三、漏洞 CVE-2021-43798 的情报信息
四、漏洞 CVE-2021-43798 的评论

暂无评论

发表评论