CVE-2025-12763 - Vulnerability Details - OpenCVE

pgAdmin 4 versions up to 9.9 are affected by a command injection vulnerability on Windows systems. This issue is caused by the use of shell=True during backup and restore operations, enabling attackers to execute arbitrary system commands by providing specially crafted file path input.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows
Pgadmin	Pgadmin 4

Configuration 1 [-]

AND

cpe:2.3:a:pgadmin:pgadmin_4:*:*:*:*:*:postgresql:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/pgadmin-org/pgadmin4/issues/9323

History

Wed, 19 Nov 2025 16:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-78
CPEs		cpe:2.3:a:pgadmin:pgadmin_4::::::postgresql::* cpe:2.3:o:microsoft:windows:-:::::::*

Fri, 14 Nov 2025 09:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Microsoft Microsoft windows Pgadmin Pgadmin pgadmin 4
Vendors & Products		Microsoft Microsoft windows Pgadmin Pgadmin pgadmin 4

Thu, 13 Nov 2025 13:15:00 +0000

Type	Values Removed	Values Added
Description		pgAdmin 4 versions up to 9.9 are affected by a command injection vulnerability on Windows systems. This issue is caused by the use of shell=True during backup and restore operations, enabling attackers to execute arbitrary system commands by providing specially crafted file path input.
Title		Command injection vulnerability allowing arbitrary command execution on Windows
References		https://github.com/pgadmin-org/pgadmin4/issues/9323
Metrics		cvssV3_1 `{'score': 6.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: PostgreSQL

Published: 2025-11-13T13:00:08.048Z

Updated: 2025-11-14T04:55:28.677Z

Reserved: 2025-11-05T17:30:06.043Z

Link: CVE-2025-12763

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2025-11-13T13:15:44.777

Modified: 2025-11-19T16:05:32.020

Link: CVE-2025-12763

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-12763", "assignerOrgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "state": "PUBLISHED", "assignerShortName": "PostgreSQL", "dateReserved": "2025-11-05T17:30:06.043Z", "datePublished": "2025-11-13T13:00:08.048Z", "dateUpdated": "2025-11-14T04:55:28.677Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["Restore", "Backup"], "product": "pgAdmin 4", "programFiles": ["https://github.com/pgadmin-org/pgadmin4/blob/master/web/pgadmin/misc/bgprocess/process_executor.py"], "repo": "https://github.com/pgadmin-org/pgadmin4", "vendor": "pgadmin.org", "versions": [{"lessThanOrEqual": "9.9", "status": "affected", "version": "0", "versionType": "custom"}]}], "datePublic": "2025-11-05T12:32:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">pgAdmin 4 versions up to 9.9 are affected by a command injection vulnerability on Windows systems. This issue is caused by the use of <code>shell=True</code> during backup and restore operations, enabling attackers to execute arbitrary system commands by providing specially crafted file path input. </span><br>"}], "value": "pgAdmin 4 versions up to 9.9 are affected by a command injection vulnerability on Windows systems. This issue is caused by the use of shell=True during backup and restore operations, enabling attackers to execute arbitrary system commands by providing specially crafted file path input."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "shortName": "PostgreSQL", "dateUpdated": "2025-11-13T13:00:08.048Z"}, "references": [{"tags": ["issue-tracking"], "url": "https://github.com/pgadmin-org/pgadmin4/issues/9323"}], "source": {"discovery": "UNKNOWN"}, "title": "Command injection vulnerability allowing arbitrary command execution on Windows", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-11-13T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2025-12763"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-14T04:55:28.677Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pgadmin:pgadmin_4:*:*:*:*:*:postgresql:*:*", "matchCriteriaId": "869DC8C4-E456-4D31-964B-96D4B9B8F4A2", "versionEndExcluding": "9.10", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "pgAdmin 4 versions up to 9.9 are affected by a command injection vulnerability on Windows systems. This issue is caused by the use of shell=True during backup and restore operations, enabling attackers to execute arbitrary system commands by providing specially crafted file path input."}], "id": "CVE-2025-12763", "lastModified": "2025-11-19T16:05:32.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "[email protected]", "type": "Primary"}]}, "published": "2025-11-13T13:15:44.777", "references": [{"source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://github.com/pgadmin-org/pgadmin4/issues/9323"}], "sourceIdentifier": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "[email protected]", "type": "Primary"}]}