CVE-2024-9264
Grafana SQL Expressions allow for remote code execution
The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. The `duckdb` binary must be present in Grafana's $PATH for this attack to function; by default, this binary is not installed in Grafana distributions.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
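The description names two preconditions that must both hold for the attack to work: a `duckdb` executable reachable from the PATH the Grafana process runs with, and the experimental SQL Expressions feature switched on. The script below is an added example for checking those two conditions on a host; it is not code from the advisory, from Grafana, or from any of the PoC repositories. It assumes the feature toggle is named `sqlExpressions` and is enabled either under `[feature_toggles]` in `grafana.ini` or through the `GF_FEATURE_TOGGLES_ENABLE` environment variable, and that the PATH you pass in is the one the Grafana service actually uses (a systemd unit or container often has a narrower PATH than an interactive shell).

```shell
#!/bin/sh
# Added example (not from the Grafana advisory or code base): check the two
# preconditions the advisory names for CVE-2024-9264 on a Grafana host.
#   1. a `duckdb` executable is reachable from the PATH Grafana runs with
#   2. the experimental SQL Expressions feature is enabled
# Assumption: the feature toggle is called "sqlExpressions" and is switched on
# through [feature_toggles] in grafana.ini or GF_FEATURE_TOGGLES_ENABLE.

# duckdb_on_path PATHVALUE -> exit 0 if a duckdb executable exists on PATHVALUE
duckdb_on_path() {
    # subshell so the caller's PATH is untouched
    ( PATH="${1:-$PATH}"; command -v duckdb >/dev/null 2>&1 )
}

# sql_expressions_enabled INIFILE -> exit 0 if the toggle is on via env or INIFILE
sql_expressions_enabled() {
    ini="$1"
    env_toggles=$(printf '%s' "${GF_FEATURE_TOGGLES_ENABLE:-}" | tr -d ' ')
    case ",$env_toggles," in
        *,sqlExpressions,*) return 0 ;;
    esac
    [ -r "$ini" ] || return 1
    # Look only inside [feature_toggles]; skip ';' and '#' comment lines.
    # Accept both "enable = a,sqlExpressions,b" and "sqlExpressions = true".
    awk -F'=' '
        /^[[:space:]]*\[/ { in_sec = ($0 ~ /^[[:space:]]*\[feature_toggles]/); next }
        in_sec && $0 !~ /^[[:space:]]*[;#]/ && NF >= 2 {
            key = $1; val = $2
            gsub(/[[:space:]]/, "", key); gsub(/[[:space:]]/, "", val)
            if (key == "enable" && ("," val ",") ~ /,sqlExpressions,/) found = 1
            if (key == "sqlExpressions" && val == "true") found = 1
        }
        END { exit found ? 0 : 1 }
    ' "$ini"
}

# assess INIFILE [PATHVALUE] -> prints both findings; exit 0 only if both hold
assess() {
    ini="$1"; svc_path="${2:-$PATH}"
    toggle=no; binary=no
    sql_expressions_enabled "$ini" && toggle=yes
    duckdb_on_path "$svc_path" && binary=yes
    echo "sqlExpressions enabled: $toggle; duckdb on PATH: $binary"
    [ "$toggle" = yes ] && [ "$binary" = yes ]
}

# write_sample_ini FILE -> constructed grafana.ini fragment used for the demo
# (not a real deployment's config)
write_sample_ini() {
    cat > "$1" <<'EOF'
[server]
http_port = 3000

[feature_toggles]
; comma-separated list of toggles to enable
enable = publicDashboards, sqlExpressions
EOF
}

# Demo: run `sh check.sh --demo` to assess the constructed config against
# the caller's own PATH.
if [ "${1:-}" = "--demo" ]; then
    tmp=$(mktemp); write_sample_ini "$tmp"
    assess "$tmp"; rc=$?
    rm -f "$tmp"; exit $rc
fi
```

Run it in the same environment as the Grafana process (the service user, its PATH, and its `GF_*` variables), not from an administrator's interactive shell, or the PATH check answers the wrong question. A "no" on either precondition only means the described attack is not reachable in the current configuration; it does not mean the installation is patched.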
Affected products
Grafana · Grafana
Public PoCs found: 11
github.com/nollium/CVE-2024-9264 (★ 132)
github.com/z3k0sec/CVE-2024-9264-RCE-Exploit (★ 39)
github.com/z3k0sec/File-Read-CVE-2024-9264 (★ 7)
github.com/Cythonic1/CVE-2024-9264 (★ 3)
github.com/rvzsec/CVE-2024-9264 (★ 2)
github.com/patrickpichler/grafana-CVE-2024-9264 (★ 0)
github.com/amalpvatayam67/day05-grafana-sqlexpr-lab (★ 0)
github.com/punitdarji/Grafana-CVE-2024-9264 (★ 0)
github.com/Exerrdev/CVE-2024-9264-Fixed (★ 0)
github.com/Royall-Researchers/CVE-2024-9264 (★ 0)
github.com/ruizii/CVE-2024-9264 (★ 0)
⚠ Public resources, listed so you can assess the exposure of systems you control or are authorized to test. Test only with authorization.