Skip to main content

CVE-2024-3116

Description

pgAdmin <= 8.4 is affected by a Remote Code Execution (RCE) vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the security of the underlying data.

NVD
Severity: N/A
CVE ID: CVE-2024-3116
CVSS Score: N/A
CVSS Metrics: NVD assessment not yet provided.
PostgreSQL
Severity: HIGH
CVE ID: CVE-2024-3116
CVSS Score: 7.4
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

Refrence: NVDMITRE

Proof Of Concept

TechieNeurons

Making a lab and testing the CVE-2024-3116, a Remote Code Execution in pgadmin <=8.4

Refrence: GitHub

Last updated on by Vulnerability_bot_v1.3.8