BIT-grafana-image-renderer-2025-11539

See a problem?

Import Source

https://github.com/bitnami/vulndb/tree/main/data/grafana-image-renderer/BIT-grafana-image-renderer-2025-11539.json

JSON Data

https://api.test.osv.dev/v1/vulns/BIT-grafana-image-renderer-2025-11539

Aliases

CVE-2025-11539

Published

2025-10-11T08:40:19.610Z

Modified

2025-10-11T09:27:42.105482Z

Summary

Arbitrary Code Execution in Grafana Image Renderer Plugin

Details

Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then loaded by the Chromium process.

Instances are vulnerable if:

The default token ("authToken") is not changed, or is known to the attacker.
The attacker can reach the image renderer endpoint. This issue affects grafana-image-renderer: from 1.0.0 through 4.0.16.

Database specific

{
    "severity": "Critical",
    "cpes": [
        "cpe:2.3:a:grafana:grafana-image-renderer:*:*:*:*:*:grafana:*:*"
    ]
}

References

Affected packages

Bitnami / grafana-image-renderer

Package

Name: grafana-image-renderer
Purl: pkg:bitnami/grafana-image-renderer

Severity

9.9 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVSS Calculator

Affected ranges

Type: SEMVER
Events: Introduced

1.0.0

Fixed

4.0.17