0xPThree.gitbook.io

Network Services
- Ports
Active Directory
Coding Languages
- Python
Exploits / PoC's
Hardware
- Firmware
- JTAG
- SPI
- UART
- USB
Post Exploit
Development
TODO

Powered by GitBook

On this page

CVE-2021-43798
CVE-2021-43798

Was this helpful?

Network Services

Ports

80, 443 - HTTP(S)

Grafana

Last updated 1 year ago

The file /etc/grafana/grafana.ini can contain sensitive information such as admin username and password.
By default it uses SQLite3 database in /var/lib/grafana/grafana.db
- select user,password,database from data_source;

CVE-2021-43798

Affected version(s): 8.3.0

CVE-2021-43798

Affected version(s): 8.3.1, 8.2.7, 8.1.8, 8.0.7

Grafana 8.3.0 - Directory Traversal and Arbitrary File ReadExploit Database

GitHub - jas502n/Grafana-CVE-2021-43798: Grafana Unauthorized arbitrary file reading vulnerabilityGitHub