
vul_app:grafana_post_auth_duckdb_sql_injection_vulnerability (Rule ID: 1070210324)

Release Date: 2025/9/15

Rule Name: CVE-2024-9264: Grafana Post-Auth DuckDB SQL Injection Vulnerability

Severity: critical

CVE ID: CVE-2024-9264

 

Description

The SQL Expressions experimental feature of Grafana allows for the evaluation of 'duckdb' queries containing user input. These queries are insufficiently sanitized before being passed to 'duckdb', leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. The 'duckdb' binary must be present in Grafana's $PATH for this attack to function. By default, this binary is not installed in Grafana distributions. This rule supports defending against A9: Using Components with Known Vulnerabilities of the OWASP Top 10 - 2021.
Other reference: None

 

Solution

Apply the vendor's patches.