cve/2020/CVE-2020-13379.md

### [CVE-2020-13379](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13379)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on. Furthermore, passing invalid URL objects could be used for DOS'ing Grafana via SegFault.

### POC

#### Reference
- http://packetstormsecurity.com/files/158320/Grafana-7.0.1-Denial-Of-Service.html
- http://packetstormsecurity.com/files/158320/Grafana-7.0.1-Denial-Of-Service.html
- https://community.grafana.com/t/release-notes-v6-7-x/27119
- https://community.grafana.com/t/release-notes-v6-7-x/27119
- https://community.grafana.com/t/release-notes-v7-0-x/29381
- https://community.grafana.com/t/release-notes-v7-0-x/29381
- https://mostwanted002.cf/post/grafanados/
- https://mostwanted002.cf/post/grafanados/

#### Github
- https://github.com/3th1c4l-t0n1/awesome-csirt
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/Elsfa7-110/kenzer-templates
- https://github.com/MustafaSky/Guide-to-SSRF
- https://github.com/SexyBeast233/SecBooks
- https://github.com/Spacial/awesome-csirt
- https://github.com/The-Cracker-Technology/jaeles
- https://github.com/alphaSeclab/sec-daily-2020
- https://github.com/assetnote/blind-ssrf-chains
- https://github.com/b1n4ryx/oscp-cheatsheet
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/dalersinghmti/SSRF
- https://github.com/gkhan496/WDIR
- https://github.com/jaeles-project/jaeles
- https://github.com/jaeles-project/jaeles-signatures
- https://github.com/webexplo1t/Jaeles
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2020-13379](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13379)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on. Furthermore, passing invalid URL objects could be used for DOS'ing Grafana via SegFault.`

			`### POC`

			`#### Reference`
			`- http://packetstormsecurity.com/files/158320/Grafana-7.0.1-Denial-Of-Service.html`
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00			`- http://packetstormsecurity.com/files/158320/Grafana-7.0.1-Denial-Of-Service.html`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://community.grafana.com/t/release-notes-v6-7-x/27119`
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00			`- https://community.grafana.com/t/release-notes-v6-7-x/27119`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://community.grafana.com/t/release-notes-v7-0-x/29381`
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00			`- https://community.grafana.com/t/release-notes-v7-0-x/29381`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://mostwanted002.cf/post/grafanados/`
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00			`- https://mostwanted002.cf/post/grafanados/`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00
			`#### Github`
			`- https://github.com/3th1c4l-t0n1/awesome-csirt`
			`- https://github.com/ARPSyndicate/cvemon`
			`- https://github.com/ARPSyndicate/kenzer-templates`
			`- https://github.com/Elsfa7-110/kenzer-templates`
			`- https://github.com/MustafaSky/Guide-to-SSRF`
			`- https://github.com/SexyBeast233/SecBooks`
			`- https://github.com/Spacial/awesome-csirt`
			`- https://github.com/The-Cracker-Technology/jaeles`
			`- https://github.com/alphaSeclab/sec-daily-2020`
			`- https://github.com/assetnote/blind-ssrf-chains`
			`- https://github.com/b1n4ryx/oscp-cheatsheet`
			`- https://github.com/d4n-sec/d4n-sec.github.io`
			`- https://github.com/dalersinghmti/SSRF`
			`- https://github.com/gkhan496/WDIR`
			`- https://github.com/jaeles-project/jaeles`
			`- https://github.com/jaeles-project/jaeles-signatures`
			`- https://github.com/webexplo1t/Jaeles`