CVE-2022-32275
- Reference to the description:
- Description:
- Grafana 8.4.3 allows reading files via (for example) a /dashboard/snapshot/%7B%7Bconstructor.constructor'/.. /.. /.. /.. /.. /.. /.. /.. /etc/passwd URI. NOTE: the vendor's position is that there is no vulnerability; this request yields a benign error page, not /etc/passwd content
- Last updated date:
- 08/03/2024
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 06/14/2022
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 06/14/2022
- Reference url to background
https://github.com/BrotherOfJhonny/grafana/blob/main/README.md
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 12/09/2022
- Reference url to background