CVE-2024-3116
published 2024-04-04


Priority: P1 / 84 · Severity: critical · CVSS 3.1 base score: 9.8
CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploit: public exploit available
EPSS: 64.85% (99.1th percentile)
pgAdmin <= 8.4 is affected by a Remote Code Execution (RCE) vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the security of the underlying data.

Affected (3 ranges)

Vendor          Product      Version range   Fixed in
fedoraproject   fedora       (unspecified)   -
pgadmin.org     pgadmin_4    < 8.5           8.5
pgadmin         pgadmin_4    <= 8.4          -

Detection & IOCs (extracted from sources)

URL:   /api/v1/utils/validate_binary_path
Other: pgAdmin <= 8.4
  • The vulnerability can be exploited both authenticated and unauthenticated — alert on any unauthenticated access to the binary path validation API endpoint.
  • A Metasploit module exists for this CVE targeting Windows hosts running pgAdmin; correlate exploit framework signatures (e.g., Metasploit default User-Agent strings) against pgAdmin HTTP logs.
  • Exploitation has been confirmed on Windows 10 with pgAdmin 8.4; coverage on other OS platforms is not confirmed by the source.