Headline
Grafana Remote Code Execution
This repository contains a Python script that exploits a remote code execution vulnerability in Grafana’s SQL Expressions feature. By leveraging insufficient input sanitization, this exploit allows an attacker to execute arbitrary shell commands on the server. This is made possible through the shellfs community extension, which can be installed and loaded by an attacker to facilitate command execution.
© 2024 Packet Storm. All rights reserved.