CVE-2024-3116
Published 2024-04-04
Priority P1 · 84 · critical · CVSS 3.1 base score 9.8
CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EXPLOIT
EPSS: 64.85% (99.1th percentile)
pgAdmin <= 8.4 is affected by a Remote Code Execution (RCE) vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the security of the underlying data.
Affected (3 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fedoraproject | fedora | — | — |
| pgadmin.org | pgadmin_4 | < 8.5 | 8.5 |
| pgadmin | pgadmin_4 | <= 8.4 | — |
Detection & IOCs (extracted from sources)
- The vulnerability can be exploited both authenticated and unauthenticated; alert on any unauthenticated access to the binary path validation API endpoint.
- A Metasploit module exists for this CVE targeting Windows hosts running pgAdmin; correlate exploit framework signatures (e.g., Metasploit default User-Agent strings) against pgAdmin HTTP logs.
- Exploitation has been confirmed on Windows 10 with pgAdmin 8.4; coverage on other OS platforms is not confirmed by the source.
GHSA (2024-04-04): CVE-2024-3116 [HIGH] CWE-77 pgAdmin Remote Code Execution (RCE) vulnerability
OSV (2024-04-04): CVE-2024-3116 [HIGH] pgAdmin Remote Code Execution (RCE) vulnerability
No detection rules found.
No writeups or analysis indexed.
References
- https://gist.github.com/aelmokhtar/689a8be7e3bd535ec01992d8ec7b2b98
- https://github.com/pgadmin-org/pgadmin4/issues/7326
- https://lists.fedoraproject.org/archives/list/[email protected]/message/GIF5T34JTTYRGIN5YPT366BDFG6452A2/
- https://www.vicarius.io/vsociety/posts/remote-code-execution-vulnerability-in-pgadmin-cve-2024-3116