all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Unlocking Cash: Easy P1 Bug in Grafana Dashboard with Default Credentials = €€€€

Add to bookmarks
Nov. 11, 2023, 8:06 a.m. | Pratik Dabhi

InfoSec Write-ups - Medium infosecwriteups.com

Hello there,

I am Pratik Dabhi, a Bug Bounty Hunter and a Penetration Tester. Many of you may already know me, but for those who aren’t, please visit my website to learn more about me.

In this blog, I will share an interesting bug I discovered last year on a multinational corporation’s website. The bug revolves around how I gained unauthorized access to the Grafana Dashboard. As in my recent blog posts, I’ve been detailing the bugs found during the …

bug bounty bugcrowd hackerone

Visit resource

More from infosecwriteups.com / InfoSec Write-ups - Medium

Private Interact.sh server setup with a web dashboard 1 day, 9 hours ago | infosecwriteups.com
bug bounty cybersecurity hacking tools +1
Understanding 403 Bypass: A Critical Vulnerability in Web Application Security 2 days, 9 hours ago | infosecwriteups.com
403 bypass access application applications +28
Hack Stories: Hacking Hackers EP:3 3 days, 9 hours ago | infosecwriteups.com
big bug bounty cybersecurity hack +9
Mastering Shodan Search Engine 4 days, 10 hours ago | infosecwriteups.com
bug bounty bug-bounty-tips cybersecurity information security +1
Email Verification Bypass via Remember Me 4 days, 10 hours ago | infosecwriteups.com
bug bounty cybersecurity hacking pentesting +1
Exploiting Symlinks: A Deep Dive into CVE-2024–28185 and CVE-2024–28189 of Judge0 Sandboxes 4 days, 10 hours ago | infosecwriteups.com
attacks code code execution continue +15
Typo Trouble: Exploring the Telegram Python RCE Vulnerability 4 days, 10 hours ago | infosecwriteups.com
address alerts application concept +25
Active DNS Recon using AXIOM 4 days, 10 hours ago | infosecwriteups.com
bug bounty bug-bounty-tips cybersecurity infosec +1
Information Disclosure: Story of 500€ + 400$ Bounty 4 days, 10 hours ago | infosecwriteups.com
bug bounty cybersecurity hacking information technology +1

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cybersecurity Engineer

@ Booz Allen Hamilton | USA, VA, Arlington (1550 Crystal Dr Suite 300) non-client
View on infosec-jobs.com

Invoice Compliance Reviewer

@ AC Disaster Consulting | Fort Myers, Florida, United States - Remote
View on infosec-jobs.com

Technical Program Manager II - Compliance

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Head of U.S. Threat Intelligence / Senior Manager for Threat Intelligence

@ Moonshot | Washington, District of Columbia, United States
View on infosec-jobs.com

Customer Engineer, Security, Public Sector

@ Google | Virginia, USA; Illinois, USA
View on infosec-jobs.com
View more jobs