Grafana Image Renderer Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability has been identified in the Grafana Image Renderer plugin, affecting versions from 1.0.0 prior to 4.0.16. The vulnerability stems from an arbitrary file write in the '/render/csv' endpoint, which failed to properly validate the 'filePath' parameter. As a result, an attacker could write a shared object to a location of their choosing, from which it would be loaded by the Chromium process. Instances are vulnerable if the default 'authToken' has not been changed or is otherwise known to the attacker, and if the attacker can reach the image renderer endpoint.

Impact

Exploitation of this vulnerability allows for remote code execution on the server where Grafana Image Renderer is running.

Remediation

Users can upgrade to Grafana Image Renderer version 4.0.17 or later to address this vulnerability.
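As an added example (not part of this advisory or of the Grafana project's code), a small Python triage helper for the issue described above: it checks whether a deployed renderer version falls in the affected range, and scans access-log lines for '/render/csv' requests whose 'filePath' resolves outside the expected output directory or names a shared object. The log layout, 'filePath' arriving as a query parameter, the '/tmp' output directory and the sample log lines are all assumptions constructed for this example.

```python
from posixpath import normpath
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample access-log lines, not real traffic. Assumes a
# "METHOD target STATUS" layout and that filePath arrives as a query
# parameter; the real renderer log format may differ.
SAMPLE_LOG = """\
GET /render?url=http://grafana:3000/d/abc&width=1000 200
GET /render/csv?url=http://grafana:3000/api/ds/query&filePath=/tmp/out.csv 200
GET /render/csv?url=http://grafana:3000/api/ds/query&filePath=../../usr/lib/evil.so 200
GET /render/csv?url=http://grafana:3000/api/ds/query&filePath=%2Fusr%2Flib%2Flibfoo.so 200
GET /render/version 200
"""

# Directory CSV output is expected to land in (assumption for this example).
ALLOWED_DIR = "/tmp"


def vulnerable_version(version: str) -> bool:
    """True when a plain x.y.z version is in the affected range 1.0.0 <= v < 4.0.16."""
    parts = tuple(int(p) for p in version.split("."))
    return (1, 0, 0) <= parts < (4, 0, 16)


def suspicious_file_path(file_path: str, allowed_dir: str = ALLOWED_DIR) -> bool:
    """Flag a filePath that resolves outside allowed_dir (traversal or absolute
    path) or that names a shared object the Chromium process could load."""
    decoded = unquote(file_path)
    if not decoded.startswith("/"):
        decoded = f"{allowed_dir}/{decoded}"
    resolved = normpath(decoded)
    inside = resolved == allowed_dir or resolved.startswith(allowed_dir + "/")
    return (not inside) or resolved.endswith(".so")


def find_suspicious_requests(log_text: str) -> list:
    """Return (line_number, filePath) for /render/csv requests whose filePath
    looks abusive; requests to other endpoints are ignored."""
    hits = []
    for lineno, line in enumerate(log_text.splitlines(), start=1):
        fields = line.split()
        if len(fields) < 2:
            continue
        target = urlsplit(fields[1])
        if target.path != "/render/csv":
            continue
        for file_path in parse_qs(target.query).get("filePath", []):
            if suspicious_file_path(file_path):
                hits.append((lineno, file_path))
    return hits
```

Running `find_suspicious_requests(SAMPLE_LOG)` flags lines 3 and 4 of the constructed log; the version check alone is enough to decide whether the upgrade to 4.0.17 is still outstanding.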

Added: Oct 9, 2025, 8:17 AM
Updated: Oct 9, 2025, 4:17 PM

Vulnerability Rating (Custom Algorithm)

spread: 5.0
impact: 2.5
exploitability: 5.2
remediation: 7.7
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.