Back to directory

WRITEUP #3186

How I found the Grafana zero-day Path Traversal exploit that gave me access to your logs

OtherPath traversal

by@j0v0x0(Jordy Versmissen / J0VSEC)

Program

Grafana Labs

Published

Dec 8, 2021

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://labs.detectify.com/2021/12/15/zero-day-path-traversal-grafana/

▸ RELATED WRITEUPS

Oracle Retail Xstore Suite: Pre-authenticated Path Traversal

OtherPath traversal

Securing Developer Tools: Unpatched Code Vulnerabilities in Gogs (2/2)

OtherPath traversal

Data Theft in Salesforce: Manipulating Public Links

OtherSOQL injection

Directory Traversal, SQL Injection and Server-Side Request Forgery

SQL InjectionPath traversal

When Certificates Fail: A Story of Bypassed MFA in Remote Access

Other2FA / MFA bypass

Built with ❤️ by Shubham Rawat