Lucene search
China National Vulnerability DatabaseCNVD-2022-86536HistoryDec 08, 2022 - 12:00 a.m.
pgAdmin 4 remote code execution vulnerability
2022-12-0800:00:00
China National Vulnerability Database
www.cnvd.org.cn
32
pgadmin 4
remote code execution
vulnerability
windows
unc address
arbitrary commands
0.016 Low
EPSS
Percentile
87.4%
pgAdmin 4 is a reliable and comprehensive database design and management software for PostgreSQL. pgAdmin 4 suffers from a remote code execution vulnerability, which is required in the Windows environment, and due to the developerโs lax permission checks, an attacker could exploit the vulnerability by constructing a request to make pgAdmin access a malicious UNC address to execute arbitrary commands.
| CPE | Name | Operator | Version |
|---|---|---|---|
| pgadmin pgadmin 4 < | eq | 6.17 |
Related
cvelist
cvelist
CVE-2022-4223
2022-12-13 00:00:00
openvas
openvas
Fedora: Security Advisory for pgadmin4 (FEDORA-2022-2d5a6f48e1)
2022-12-18 00:00:00
github
github
pgadmin4 vulnerable to Code Injection
2022-12-13 18:30:34
osv
osv
CVE-2022-4223
2022-12-13 16:15:26
pgadmin4 vulnerable to Code Injection
2022-12-13 18:30:34
prion
prion
Path traversal
2022-12-13 16:15:00
redhatcve
redhatcve
CVE-2022-4223
2022-12-07 05:31:12
cve
cve
CVE-2022-4223
2022-12-13 16:15:26
nvd
nvd
CVE-2022-4223
2022-12-13 16:15:26
veracode
veracode
Remote Code Execution (RCE)
2022-12-14 02:27:04
fedora
fedora
[SECURITY] Fedora 37 Update: pgadmin4-6.17-2.fc37
2022-12-18 01:41:35
wallarmlab
wallarmlab
Q4-2022 API ThreatStatsโข Report
2023-02-22 16:02:55