Categories: Cyber Security News

Critical pgAdmin Vulnerability Let Attackers Execute Shell Commands on the Host

A severe security vulnerability has been uncovered in pgAdmin 4, the popular open-source PostgreSQL database management tool.

Tracked as CVE-2025-13780, this critical flaw allows attackers to bypass security filters and execute arbitrary shell commands on the host server.

The issue stems from the application's plain-text restore feature, which failed to adequately block dangerous commands hidden in uploaded database dump files.

The Failure of the Text Filter

According to EndorLabs, the vulnerability exists because pgAdmin 4 relied on a text-based “regular expression” (regex) filter to detect and block malicious commands.

This filter was designed to detect specific patterns used by the psql command-line utility to run system commands.

EndorLabs researchers found that the filter was too rigid. It only looked for standard formatting, such as a newline followed immediately by a command.

| Field | Details |
|---|---|
| CVE ID | CVE-2025-13780 |
| Vulnerability Type | Remote Code Execution (RCE) |
| CVSS Base Score | 9.9 |
| Affected Component | Plain-text Restore Feature |
| Affected Versions | pgAdmin 4 (versions prior to 9.11) |
| Attack Vector | Uploaded Malicious SQL Dump |

Attackers discovered they could evade this filter by inserting unexpected whitespace characters, such as carriage returns or form feeds, between the newline and the command.

While the security filter ignored these “messy” lines, the underlying psql tool still recognized and executed them as valid instructions.

This filter bypass allowed attackers to execute unauthorized scripts on the server by uploading a specially crafted SQL file.
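The whitespace bypass described above can be reproduced against a simplified model of the filter. The following is an added example, not pgAdmin's code or Endor Labs' research artifact: a constructed regex modelled on the page's description of the rigid filter (a newline immediately followed by a psql meta-command), a hardened line-based check that normalizes whitespace before inspecting each line, and constructed dump snippets to run both against. `\!` is psql's documented shell meta-command; the page does not name which pattern the original filter targeted, so using it here is an assumption.

```python
import re

# Rigid, newline-anchored pattern (constructed to model the page's description;
# this is NOT pgAdmin's actual regex). It only matches a backslash meta-command
# that sits *immediately* after a newline.
RIGID_META_RE = re.compile(r"\n\\[A-Za-z!?]")


def rigid_filter_flags(dump: str) -> bool:
    """Return True if the newline-anchored pattern sees a meta-command."""
    # Prepend a newline so a meta-command on the very first line is also checked.
    return bool(RIGID_META_RE.search("\n" + dump))


def hardened_filter_flags(dump: str) -> bool:
    """Return True if any line, after whitespace normalization, starts a meta-command.

    psql recognises a meta-command at the start of a line even when stray
    whitespace (carriage return, form feed, vertical tab, tab, space) precedes it,
    so the check must split on every line-ending variant and strip all leading
    whitespace before looking at the first character.
    """
    for line in re.split(r"\r\n|\r|\n|\f|\v", dump):
        stripped = line.lstrip(" \t\r\f\v")
        # '\.' alone on a line is the legitimate COPY ... FROM stdin terminator
        # that pg_dump emits; every other backslash-led line is a meta-command.
        if stripped.startswith("\\") and stripped.rstrip() != "\\.":
            return True
    return False


def evaluate(dump: str) -> dict:
    """Run both checks on one dump and report what each one decided."""
    return {"rigid": rigid_filter_flags(dump), "hardened": hardened_filter_flags(dump)}


# Constructed sample dumps (not real captured files).
CLEAN_DUMP = (
    "CREATE TABLE t (id int);\n"
    "COPY t (id) FROM stdin;\n"
    "1\n"
    "\\.\n"
)
STANDARD_META = "SELECT 1;\n\\! id\n"   # meta-command directly after the newline
CR_BYPASS = "SELECT 1;\n\r\\! id\n"     # carriage return between newline and command
FF_BYPASS = "SELECT 1;\n\f\\! id\n"     # form feed between newline and command


if __name__ == "__main__":
    for name, dump in [("clean", CLEAN_DUMP), ("standard", STANDARD_META),
                       ("cr-bypass", CR_BYPASS), ("ff-bypass", FF_BYPASS)]:
        print(f"{name:10s} {evaluate(dump)}")
```

Running the block shows the rigid pattern catching only the "standard" layout while the two whitespace-padded variants slip past it; the normalizing check flags all three and still accepts the clean dump with its `\.` COPY terminator. Even the hardened check is only a demonstration of why input-level filtering is fragile: it would also reject legitimate meta-commands such as `\connect` that some dump formats contain, which is why enforcing the restriction inside psql at execution time, as pgAdmin 9.11 does, is the more robust design.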

In response to this EndorLabs discovery, the pgAdmin development team released version 9.11, which fundamentally changes how the software handles security.

Instead of scanning files for every possible dangerous pattern, the new version uses psql's \restrict meta-command. This instructs psql itself to disable hazardous operations for the duration of the restore.

By enforcing security at the execution level rather than the input level, the software is no longer vulnerable to text-hiding tricks. EndorLabs strongly recommends that administrators upgrade to version 9.11 immediately.

Relying on older versions leaves systems exposed to remote code execution (RCE) attacks that can compromise the entire host environment.


The post Critical pgAdmin Vulnerability Let Attackers Execute Shell Commands on the Host appeared first on Cyber Security News.
