.. / CVE-2022-26148

Exploit for Grafana & Zabbix Integration - Credentials Disclosure (CVE-2022-26148)

Description:

Grafana through 7.3.4, when integrated with Zabbix, contains a credential disclosure vulnerability. The Zabbix password can be found in the api_jsonrpc.php HTML source code. When the user logs in and allows the user to register, one can right click to view the source code and use Ctrl-F to search for password in api_jsonrpc.php to discover the Zabbix account password and URL address.

Nuclei Template

View the template here CVE-2022-26148.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2022/CVE-2022-26148.yaml

References:

https://security.netapp.com/advisory/ntap-20220425-0005/
https://nvd.nist.gov/vuln/detail/CVE-2022-26148
https://2k8.org/post-319.html
https://github.com/Z0fhack/Goby_POC
https://github.com/HimmelAward/Goby_POC

.. / CVE-2022-26148 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for Grafana & Zabbix Integration - Credentials Disclosure (CVE-2022-26148)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2022-26148