CVE-2023-0241

6.5 MEDIUM

📋 TL;DR

CVE-2023-0241 is a directory traversal vulnerability in pgAdmin 4 that allows authenticated users to access or modify files outside the intended directory. This affects all pgAdmin 4 users running versions before 6.19, potentially enabling unauthorized changes to other users' settings or database configurations.

💻 Affected Systems

Products:
  • pgAdmin 4
Versions: All versions prior to 6.19
Operating Systems: All platforms running pgAdmin 4
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated access to pgAdmin web interface. Desktop mode may have different exposure than server mode.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker could modify critical configuration files, alter database settings, or access sensitive system files, potentially leading to data corruption, privilege escalation, or complete system compromise.

🟠

Likely Case

Authenticated users could modify other users' pgAdmin settings, alter database connection configurations, or access files they shouldn't have permission to view.

🟢

If Mitigated

With proper network segmentation and access controls, impact is limited to the pgAdmin application scope, preventing lateral movement to other systems.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access to pgAdmin. Directory traversal techniques are well-documented and relatively simple to implement.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 6.19 and later

Vendor Advisory: https://github.com/pgadmin-org/pgadmin4/issues/5734

Restart Required: Yes

Instructions:

1. Back up the current pgAdmin configuration and data.
2. Stop the pgAdmin service.
3. Upgrade to pgAdmin 4 version 6.19 or later using the package manager or a manual installation.
4. Restart the pgAdmin service.
5. Verify functionality.

🔧 Temporary Workarounds

Restrict Access Controls

Platforms: all

Limit pgAdmin access to trusted users only and enforce strict authentication requirements.

Network Segmentation

Platforms: all

Place pgAdmin behind a VPN or restrict network access to specific IP addresses.

🧯 If You Can't Patch

  • Implement strict access controls and limit pgAdmin to trusted administrative users only
  • Monitor pgAdmin logs for unusual file access patterns or directory traversal attempts

🔍 How to Verify

Check if Vulnerable:

Check pgAdmin version via web interface (Help → About) or command line: pgadmin4 --version

Check Version:

pgadmin4 --version

Verify Fix Applied:

Confirm the installed version is 6.19 or higher and that requests containing directory traversal sequences are rejected.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file path access patterns in pgAdmin logs
  • Multiple failed directory traversal attempts
  • Unexpected configuration changes

Network Indicators:

  • HTTP requests containing '../' or similar path traversal patterns to pgAdmin endpoints

SIEM Query:

source="pgadmin" AND ("../" OR "..\\" OR "%2e%2e%2f")
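The SIEM query above matches the literal sequences, but a single percent-decode misses double-encoded forms such as `%252e%252e%2f`. The following script is an added example (not from this page or the pgAdmin project): it decodes request paths repeatedly, unifies `\` and `/`, and flags any path segment equal to `..`. The request lines are constructed for illustration, not captured from a real pgAdmin log.

```python
import re
from urllib.parse import unquote

# Constructed sample request lines (not real pgAdmin logs).
SAMPLE_REQUESTS = [
    "GET /browser/ HTTP/1.1",
    "GET /static/js/app.js HTTP/1.1",
    "GET /misc/../../target.txt HTTP/1.1",                 # plain traversal
    "GET /settings/%2e%2e%2f%2e%2e%2ftarget.txt HTTP/1.1",  # URL-encoded
    "GET /file/%252e%252e%2ftarget.txt HTTP/1.1",          # double-encoded
    "GET /browser/..%5c..%5ctarget.txt HTTP/1.1",          # backslash separators
]

REQ_RE = re.compile(r"^(?P<method>[A-Z]+) (?P<path>\S+) HTTP/")


def normalize_path(raw, max_rounds=3):
    """Percent-decode until stable (bounded) and map '\\' to '/'."""
    path = raw.split("?", 1)[0]  # ignore the query string
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")


def has_traversal(raw_path):
    """True if any decoded path segment is exactly '..'."""
    return any(seg == ".." for seg in normalize_path(raw_path).split("/"))


def flag_requests(lines):
    """Return (raw_path, decoded_path) for each request that traverses."""
    hits = []
    for line in lines:
        m = REQ_RE.match(line)
        if m and has_traversal(m.group("path")):
            hits.append((m.group("path"), normalize_path(m.group("path"))))
    return hits


if __name__ == "__main__":
    for raw, decoded in flag_requests(SAMPLE_REQUESTS):
        print(f"traversal: {raw} -> {decoded}")
```

A naive substring match for `../` would catch only two of the four flagged lines; the decode loop is what surfaces the encoded variants.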

🔗 References
