VYPR
High severity · NVD Advisory · Published Dec 13, 2022 · Updated Apr 14, 2025

CVE-2022-4223

Description

The pgAdmin server includes an HTTP API that is intended to be used to validate the path a user selects to external PostgreSQL utilities such as pg_dump and pg_restore. The utility is executed by the server to determine what PostgreSQL version it is from. Versions of pgAdmin prior to 6.17 failed to properly secure this API, which could allow an unauthenticated user to call it with a path of their choosing, such as a UNC path to a server they control on a Windows machine. This would cause an appropriately named executable in the target path to be executed by the pgAdmin server.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

CVE-2022-4223 is an unauthenticated arbitrary command execution vulnerability in pgAdmin versions prior to 6.17 via the utility path validation API, allowing remote code execution on Windows.

Vulnerability Overview

CVE-2022-4223 is a security flaw in pgAdmin, an open-source administration and management tool for PostgreSQL. The vulnerability resides in an HTTP API endpoint intended to validate the path to external PostgreSQL utilities such as pg_dump and pg_restore. Versions prior to 6.17 did not properly secure this API, allowing an unauthenticated attacker to supply an arbitrary path, including a UNC path on Windows systems [1][2]. When the server's utility path validation process executes the binary at the provided path, an attacker-controlled executable can be run with the privileges of the pgAdmin server process [1].

Attack Vector and Prerequisites

The vulnerability is exploitable without authentication over the network. On Windows, an attacker can specify a UNC path to a remote server they control, causing the pgAdmin server to connect to that remote share and execute a maliciously named executable file (e.g., pg_dump.exe). No special privileges or user interaction beyond being able to reach the pgAdmin server's HTTP endpoint are required [1]. The attack surface is limited to Windows deployments due to the UNC path requirement, but the vulnerability is classified as critical with a CVSS score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) [1].

Potential Impact

Successful exploitation leads to remote code execution on the pgAdmin server. An attacker could then compromise the confidentiality, integrity, and availability of the system—potentially gaining access to database credentials, modifying or exfiltrating data, or pivoting to other internal resources. Because the vulnerable endpoint is exposed without authentication, the impact is severe, particularly in environments where pgAdmin is accessible from untrusted networks [1].

Mitigation Status

The pgAdmin project addressed this vulnerability in version 6.17 by properly restricting the utility path validation API. Users should upgrade to pgAdmin 6.17 or later immediately. No workaround is available for earlier versions [1][2]. As of this writing, the CVE is not listed in CISA's Known Exploited Vulnerabilities catalog, but given the high severity and ease of exploitation, prompt patching is strongly recommended.
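The overview above describes the core defect: an API reachable without authentication accepted any directory, including a UNC share, and the server then ran the utility it found there. The following is an added illustration of the checks a defender would want in front of such a probe; it is not pgAdmin's code, and the allowed_roots setting and the authenticated flag are assumptions.

```python
"""Hardened utility-path validation, modelled on the flaw described above.

Added illustration, not pgAdmin's own code: the allowed_roots setting and
the authenticated flag are assumptions. Because the server runs the
utility found at the submitted path to read its version, every check
below happens before anything is executed.
"""
from pathlib import PureWindowsPath

# The two utilities the advisory names; the server never needs any other.
UTILITIES = ("pg_dump", "pg_restore")


def is_unc_path(path: str) -> bool:
    # True for Windows network paths such as \\host\share or //host/share.
    # PureWindowsPath normalises forward slashes, so both spellings are caught.
    return PureWindowsPath(path).drive.startswith("\\\\")


def validate_utility_path(path: str, allowed_roots, authenticated: bool):
    """Return (ok, reason) for a caller-supplied utility directory.

    Order matters: an unauthenticated caller is rejected before the path
    is even looked at, which is the access control the pre-6.17 API lacked.
    """
    if not authenticated:
        return False, "authentication required"
    if is_unc_path(path):
        return False, "network (UNC) paths are not allowed"
    candidate = PureWindowsPath(path)
    if not candidate.is_absolute() or ".." in candidate.parts:
        return False, "path must be absolute and must not contain '..'"
    roots = [PureWindowsPath(r) for r in allowed_roots]
    # Lexical containment only; a real server would also resolve links/junctions.
    if not any(candidate == r or r in candidate.parents for r in roots):
        return False, "path is outside the configured PostgreSQL roots"
    return True, "ok"


def version_command(path: str, utility: str):
    """argv (no shell) for the version probe run only after validation passes."""
    if utility not in UTILITIES:
        raise ValueError(f"unknown utility {utility!r}")
    return [str(PureWindowsPath(path) / f"{utility}.exe"), "--version"]
```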

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package    Ecosystem   Affected versions   Patched versions
pgadmin4   PyPI        < 6.17              6.17

Affected products: 2


References: 6
