PgAdmin 9.1 Authenticated RCE – CVE-2025-2945

Vulnerable Version

versions <= 9.1

Fixed Version

version 9.2

Base Score

9.9 (Critical)

Vendor Description:-

pgAdmin is a widely used open-source administration and development tool for PostgreSQL, one of the most sophisticated relational database systems. It provides a graphical interface for database management operations such as database creation and management, SQL query execution, user, role, and permission management, and data structure visualization. Designed for both new and experienced developers, pgAdmin includes advanced capabilities such as debugging, performance monitoring, and database design tools. It can be accessed through a web browser, making it easy to manage both local and remote PostgreSQL servers.

CVE-2025-2945 Description:-

CVE-2025-2945 is a critical remote code execution vulnerability in pgAdmin 4, caused by passing user-supplied input to Python’s eval(). Two POST endpoints, /sqleditor/query_tool/download and /cloud/deploy, take the request parameters query_commited and high_availability respectively and hand them directly to eval() without validation, so an authenticated user can submit a Python expression that the server executes. Because these endpoints are part of the web-facing application, a crafted POST forces the pgAdmin process to run arbitrary Python code, which can then be used to read or modify database contents, read or exfiltrate credentials, or pivot to other system components. The real-world severity depends on the privileges of the pgAdmin process and the instance’s network exposure; internet-reachable or poorly segmented deployments are particularly at risk.
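As an added illustration (not pgAdmin's own code), the following Python pairs a small AST audit that flags the eval()-on-request pattern described above with a hardened parser that accepts only the two boolean spellings such a parameter should ever carry; the handler bodies in SAMPLE_SOURCE are constructed, and the Flask request-object name `request` is assumed.

```python
import ast

# Added example, not pgAdmin's own code: an AST audit for the bug class
# described above (eval()/exec() fed straight from Flask's `request`) plus a
# hardened parser for boolean-ish fields such as query_commited and
# high_availability.

def _reads_request(node: ast.AST) -> bool:
    """True if any sub-expression reads from the Flask `request` object."""
    return any(isinstance(n, ast.Name) and n.id == "request"
               for n in ast.walk(node))

def find_eval_on_request(source: str) -> list[tuple[int, str]]:
    """Return (lineno, call_text) for every eval()/exec() whose arguments
    contain data taken from `request` (args/values/form/json/...)."""
    hits = []
    for node in ast.walk(ast.parse(source)):
        if (isinstance(node, ast.Call)
                and isinstance(node.func, ast.Name)
                and node.func.id in ("eval", "exec")
                and any(_reads_request(arg) for arg in node.args)):
            hits.append((node.lineno, ast.unparse(node)))
    return hits

def parse_bool_param(value) -> bool:
    """Hardened replacement for eval() on a boolean form field: accept only
    the two spellings a client may send; anything else (including a Python
    expression) is rejected, never evaluated."""
    if isinstance(value, bool):
        return value
    if isinstance(value, str):
        lowered = value.strip().lower()
        if lowered == "true":
            return True
        if lowered == "false":
            return False
    raise ValueError(f"expected 'true' or 'false', got {value!r}")

# Constructed handler bodies shaped like the vulnerable and the fixed pattern.
SAMPLE_SOURCE = '''
def download(request):
    commited = eval(request.values.get("query_commited"))         # vulnerable
    return commited
def deploy(request):
    ha = parse_bool_param(request.form.get("high_availability"))  # hardened
    return ha
'''
```

Running find_eval_on_request over each module of a Flask code base surfaces any other handler that still feeds request data to eval().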

Impact:-

  • Remote code execution: attackers can execute arbitrary Python code within the pgAdmin process context.
  • Data exfiltration: sensitive information from databases and configuration files can be accessed and stolen.
  • Data integrity loss: attackers can modify or delete database records, queries, or configuration.
  • Credential compromise: saved credentials, connection strings, or tokens made available to pgAdmin may be exposed.
  • Lateral movement/full compromise: with sufficient privileges, attackers can escalate or pivot to the host operating system and other networked systems.

Mitigations:-

  • Patch immediately: update pgAdmin to the vendor-fixed release (v9.2) that removes the eval() calls.
  • Limit access: restrict the pgAdmin UI to trusted networks or VPNs, and enforce this with firewall rules or network ACLs.
  • Apply WAF/IPS rules: detect and block suspicious POST payloads targeting /sqleditor/query_tool/download and /cloud/deploy.
  • Hardening and least privilege: run pgAdmin with minimal permissions and isolate it from high-value resources.
  • Audit and remediation: review logs for suspicious POST requests to these endpoints, rotate credentials if a compromise is detected, and perform forensic integrity checks after patching.

POC

To reproduce this vulnerability, use Metasploit’s exploit/multi/http/pgadmin_query_tool_authenticated module or the standalone Python script linked here:- Click Me

python3 exp.py --target-url http://<your-ip>:5050 --username [email protected] --password vulhub --db-user vulhub --db-pass vulhub --db-name vulhub --payload "__import__('os').system('touch /tmp/success')"

On the victim side:-

Successful execution is confirmed by the presence of /tmp/success, the file created by the payload.
