logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2022-32275

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2022-32275

Description:
Grafana 8.4.3 allows reading files via (for example) a /dashboard/snapshot/%7B%7Bconstructor.constructor'/.. /.. /.. /.. /.. /.. /.. /.. /etc/passwd URI. NOTE: the vendor's position is that there is no vulnerability; this request yields a benign error page, not /etc/passwd content
Last updated date:
08/03/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
06/14/2022
Reference url to background

https://github.com/BrotherOfJhonny/grafana

Type:
exploit
Confidence:
HIGH
Date of publishing:
06/14/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
12/09/2022
Vulnerability FeedContributorsAboutBlog

@inTheWild

©2025

Privacy Policy