Platform: other
Component: business-links
Fixed in: 2.4.1
CVE-2025-58746 is a privilege escalation vulnerability discovered in Volkov Labs Business Links, a Grafana panel. This flaw allows users with Editor privileges to escalate to Administrator, enabling them to perform arbitrary administrative actions. The vulnerability impacts versions of Business Links prior to 2.4.0 and has been resolved in version 2.4.0.
The impact of CVE-2025-58746 is significant due to the ease of exploitation and the potential for complete system compromise. An attacker with Editor access can inject malicious JavaScript code through the 'URL' field within the 'Link' settings of the panel. This injected code can then be leveraged to gain Administrator privileges, granting them full control over the Grafana instance and any associated data. This could lead to data breaches, unauthorized modifications to dashboards, and potentially even the complete takeover of the Grafana environment. The ability to execute arbitrary JavaScript elevates the risk beyond simple configuration changes, opening the door to more sophisticated attacks.
CVE-2025-58746 was publicly disclosed on 2025-09-08. No public proof-of-concept (PoC) code has been released at the time of writing, but the vulnerability's ease of exploitation suggests a high probability of exploitation. The EPSS score is likely to be assessed as medium to high, given the critical CVSS score and the potential for widespread impact. It is not currently listed on the CISA KEV catalog.
Organizations using Volkov Labs Business Links within their Grafana dashboards are at risk, particularly those with multiple users granted Editor privileges. Shared hosting environments where multiple users share access to a single Grafana instance are especially vulnerable, as a compromised Editor account could impact the entire environment. Legacy configurations with outdated versions of Business Links are also at heightened risk.
• windows / supply-chain: Monitor PowerShell execution for suspicious JavaScript code related to Grafana configuration changes. (The CommandLine property on process objects is populated in PowerShell 7; on Windows PowerShell 5.1 query Win32_Process via Get-CimInstance instead.)
Get-Process | Where-Object {$_.ProcessName -like '*grafana*'} | Select-Object -ExpandProperty CommandLine
• linux / server: Examine Grafana logs for unusual JavaScript execution patterns or attempts to modify administrative settings.
journalctl -u grafana -f | grep -i javascript
• wordpress / composer / npm: N/A - This vulnerability does not directly affect WordPress, Composer, or npm.
• database (mysql, redis, mongodb, postgresql): N/A - This vulnerability does not directly affect databases.
• generic web: Monitor Grafana instance access logs for requests containing suspicious URL parameters or JavaScript code.
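Log greps for the word "javascript" miss the stored artefact of this bug class: a link target whose scheme executes script in the viewer's browser. The following added example (not code from the advisory or from Volkov Labs) audits exported Grafana dashboard JSON offline. It assumes the standard dashboard model (a top-level "panels" list whose entries carry "id", "type", "options" and, for collapsed rows, a nested "panels" list, plus a top-level "links" list); the Business Links panel type id and its option keys are not stated in the advisory, so every string under each panel is checked rather than a named field, and the panel type id in the constructed sample is a placeholder. It also shows the allow-list check a hardened URL field should apply, and a version comparison against the 2.4.0 fix.

```python
"""Offline audit of exported Grafana dashboard JSON for script-scheme link URLs.

Added example, not code from the advisory or from Volkov Labs. Assumed: the
standard Grafana dashboard model; Business Links panel type id and option keys
are unknown, so all strings under each panel are inspected.
"""
import json
import re
from typing import Any, Iterator

# Schemes that make a link execute in the viewer's browser session instead of
# navigating. The hardened form is an allow-list (see is_safe_link); block-lists
# alone are easy to bypass.
SCRIPT_SCHEMES = {"javascript:", "vbscript:", "data:"}

# Browsers drop ASCII whitespace and control characters while parsing the
# scheme, so "java\tscript:" or " JAVAscript:" still execute; normalise the
# same way before comparing.
_CTRL_WS = re.compile(r"[\x00-\x20\x7f]")
_SCHEME = re.compile(r"^([a-z][a-z0-9+.\-]*):")


def normalize_scheme(url: str) -> str:
    """Lower-cased scheme including ':' after browser-style stripping, or ''."""
    m = _SCHEME.match(_CTRL_WS.sub("", url).lower())
    return m.group(1) + ":" if m else ""


def is_safe_link(url: str) -> bool:
    """Input-boundary allow-list: accept only http(s) or relative targets."""
    return normalize_scheme(url) in {"", "http:", "https:"}


def _strings(node: Any, path: str = "") -> Iterator[tuple[str, str]]:
    """Yield (json-path, value) for every string in a nested JSON structure."""
    if isinstance(node, str):
        yield path, node
    elif isinstance(node, dict):
        for k, v in node.items():
            yield from _strings(v, f"{path}.{k}" if path else k)
    elif isinstance(node, list):
        for i, v in enumerate(node):
            yield from _strings(v, f"{path}[{i}]")


def _panels(panel_list: list) -> Iterator[dict]:
    """Flatten rows: a collapsed row keeps its children under 'panels'."""
    for p in panel_list:
        yield p
        yield from _panels(p.get("panels", []))


def find_script_links(dashboard: dict) -> list[dict]:
    """Return one finding per string whose scheme would execute script."""
    findings = []
    for path, value in _strings(dashboard.get("links", []), "links"):
        if normalize_scheme(value) in SCRIPT_SCHEMES:
            findings.append({"panel_id": None, "panel_type": "dashboard",
                             "path": path, "value": value})
    for p in _panels(dashboard.get("panels", [])):
        for path, value in _strings(p.get("options", {}), "options"):
            if normalize_scheme(value) in SCRIPT_SCHEMES:
                findings.append({"panel_id": p.get("id"), "panel_type": p.get("type"),
                                 "path": path, "value": value})
    return findings


def needs_upgrade(version: str, fixed: str = "2.4.0") -> bool:
    """True when a plugin version string sorts below the fixed release."""
    def parse(v: str) -> tuple:
        return tuple(int(x) for x in re.findall(r"\d+", v)[:3])
    return parse(version) < parse(fixed)


# Constructed sample dashboard: one links-style panel (placeholder type id)
# holding an obfuscated javascript: target among legitimate links, plus a
# harmless text panel inside a collapsed row.
SAMPLE_DASHBOARD = json.loads(r'''{
  "title": "ops-overview",
  "links": [{"title": "runbook", "url": "https://wiki.example.internal/runbook"}],
  "panels": [
    {"id": 1, "type": "links-panel-PLACEHOLDER", "options": {"groups": [
        {"name": "tools", "items": [
            {"name": "Docs", "url": "https://grafana.example.internal/docs"},
            {"name": "Admin", "url": "  JaVa\tScRiPt:alert(1)"}]}]}},
    {"id": 2, "type": "row", "collapsed": true, "panels": [
        {"id": 3, "type": "text", "options": {"content": "Status: green"}}]}
  ]}''')

if __name__ == "__main__":
    for f in find_script_links(SAMPLE_DASHBOARD):
        print(f"panel {f['panel_id']} ({f['panel_type']}) {f['path']}: {f['value']!r}")
    print("upgrade needed for 2.3.9:", needs_upgrade("2.3.9"))
```

Run it against dashboards exported from the UI or fetched from the dashboard API; a finding identifies the panel id and the JSON path of the offending string, which is enough to locate and clean the link in the panel editor. The "Status: green" string shows why the scanner matches only script schemes rather than rejecting every string with a colon.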
Disclosure:
Exploit status:
EPSS: 0.04% (10th percentile)
CISA SSVC:
CVSS vector:
The primary mitigation for CVE-2025-58746 is to immediately upgrade Volkov Labs Business Links to version 2.4.0 or later. If upgrading is not immediately feasible due to compatibility issues or testing requirements, consider restricting user permissions to minimize the potential impact. Specifically, limit the number of users with Editor privileges. While a direct WAF rule is difficult to implement due to the JavaScript injection point, monitoring Grafana logs for unusual JavaScript execution patterns could provide an early warning sign. After upgrading, confirm the fix by attempting to escalate privileges with an Editor account and verifying that the action is blocked.
Update the Volkov Labs Business Links plugin to version 2.4.0 or later. This version contains a fix for the privilege escalation vulnerability. The update can be performed via the Grafana administration interface.
CVE-2025-58746 is a critical vulnerability in Volkov Labs Business Links for Grafana, allowing users with Editor privileges to escalate to Administrator and perform arbitrary actions via JavaScript injection.
You are affected if you are using Volkov Labs Business Links versions prior to 2.4.0 and have users with Editor privileges.
Upgrade Volkov Labs Business Links to version 2.4.0 or later to remediate the vulnerability. Consider restricting user permissions as a temporary workaround.
While no public exploits are currently known, the vulnerability's ease of exploitation suggests a high probability of exploitation.
Refer to the official Volkov Labs advisory for details and updates: https://github.com/volkovlabs/business-links/security/advisories/GHSA-xxxx-xxxx-xxxx (placeholder; replace with the actual advisory URL)