A critical security vulnerability has been disclosed in pgAdmin 4, the popular open-source PostgreSQL database administration tool.
Tracked as CVE-2025-13780, the flaw allows attackers to bypass the application's security filter and execute arbitrary shell commands on the host server.
The issue stems from the application's plain-text restore feature, which failed to adequately block dangerous psql commands hidden in uploaded database dump files.
The Failure of the Text Filter
According to EndorLabs, the vulnerability exists because pgAdmin 4 relied on a text-based regular expression (regex) filter to detect and block malicious commands before handing the uploaded file to psql.
The filter was designed to detect the specific patterns the psql command-line utility uses to run operating-system commands, such as the `\!` shell-escape meta-command.
EndorLabs researchers found that the filter was too rigid: it only looked for the standard formatting of such a command, such as a newline followed immediately by the backslash command.
CVE ID: CVE-2025-13780
Vulnerability Type: Remote Code Execution (RCE)
CVSS Base Score: 9.9
Affected Component: Plain-text Restore Feature
Affected Versions: pgAdmin 4 (versions prior to 9.11)
Attack Vector: Uploaded Malicious SQL Dump
Attackers could trick this filter by inserting unexpected whitespace characters, such as carriage returns or form feeds, between the newline and the command.
While the security filter did not match these "messy" lines, the underlying psql tool still recognized and executed them as valid meta-commands.
This mismatch between what the filter checked and what psql actually interprets allowed an attacker to execute unauthorized commands on the server simply by uploading a specially crafted SQL file for restore.
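The following Python example, added here to illustrate the filter-versus-interpreter mismatch described above, is not pgAdmin's or EndorLabs' code. The regex is a hypothetical stand-in for a filter that only matches a backslash command placed immediately after a newline, and `psql_meta_commands` is a deliberately simplified approximation of how psql reads a file (skip leading whitespace, then treat a line starting with a backslash as a meta-command). The sample dumps are constructed for the demonstration.

```python
import re

# Constructed stand-in for a naive regex-based pre-scan filter (NOT pgAdmin's
# actual code). It only flags a shell-escape or \copy meta-command that sits
# directly after a newline (or at the very start of the file).
NAIVE_PATTERN = re.compile(r"(?:^|\n)\\(?:!|copy\b)")


def naive_filter_blocks(dump: str) -> bool:
    """Return True if the naive regex filter would reject this dump."""
    return NAIVE_PATTERN.search(dump) is not None


# Whitespace that psql's lexer treats as insignificant: space, tab, carriage
# return, form feed, vertical tab. (Approximation for illustration; psql also
# accepts backslash commands elsewhere on a line outside string literals.)
LEADING_WS = " \t\r\f\v"


def psql_meta_commands(dump: str) -> list:
    """Approximate how psql sees the file: split on newlines, skip leading
    whitespace, and treat any line that then begins with a backslash as a
    meta-command. Returns the meta-commands psql would execute."""
    cmds = []
    for line in dump.split("\n"):
        stripped = line.lstrip(LEADING_WS)
        if stripped.startswith("\\"):
            cmds.append(stripped.rstrip())
    return cmds


def shell_commands_reach_psql(dump: str) -> bool:
    """True if a \\! shell escape survives the naive filter and psql would run it."""
    if naive_filter_blocks(dump):
        return False
    return any(cmd.startswith("\\!") for cmd in psql_meta_commands(dump))


def hardened_filter_blocks(dump: str) -> bool:
    """A pre-scan that normalises lines the way psql does before matching.
    Shown only to make the lesson concrete: pgAdmin 9.11's actual fix moved the
    enforcement into psql itself rather than improving the pre-scan."""
    return any(
        cmd.startswith(("\\!", "\\copy")) for cmd in psql_meta_commands(dump)
    )


# Constructed sample dumps (hypothetical; not from any real incident).
BENIGN = "CREATE TABLE t (id int);\nINSERT INTO t VALUES (1);\n"
OBVIOUS = "CREATE TABLE t (id int);\n\\! id > /tmp/pwned\n"        # caught
BYPASS_CR = "CREATE TABLE t (id int);\n\r\\! id > /tmp/pwned\n"    # \r hides it
BYPASS_FF = "CREATE TABLE t (id int);\n\f\\! id > /tmp/pwned\n"    # \f hides it


if __name__ == "__main__":
    for name, dump in [("benign", BENIGN), ("obvious", OBVIOUS),
                       ("bypass_cr", BYPASS_CR), ("bypass_ff", BYPASS_FF)]:
        print(f"{name:10} naive_blocks={naive_filter_blocks(dump)!s:5} "
              f"psql_sees={psql_meta_commands(dump)} "
              f"shell_reaches_psql={shell_commands_reach_psql(dump)}")
```

Running the script shows the two bypass dumps passing the naive filter while psql still extracts the `\!` line from them; the hardened variant catches them because it strips the same whitespace psql ignores before matching.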
In response to the EndorLabs disclosure, the pgAdmin development team released version 9.11, which fundamentally changes how the software protects the restore feature.
Instead of scanning uploaded files for every possible dangerous pattern, the new version uses psql's restrict command (`\restrict`). This instructs psql itself to refuse hazardous operations such as shell escapes for the duration of the restore.
By enforcing the restriction at the execution stage rather than at the input-scanning stage, the software is no longer susceptible to whitespace and other text-hiding tricks that defeat a pattern filter. EndorLabs strongly recommends that administrators upgrade to version 9.11 immediately.
Running older versions leaves systems exposed to remote code execution (RCE) attacks that can compromise the entire host environment.
