{"uuid": "8c4b6aa4-b058-435b-ac3a-dd250b6be8e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2945", "type": "published-proof-of-concept", "source": "https://t.me/cybersecplayground/162", "content": "\u26a0\ufe0f CVE-2025-2945 \u2014 Remote Code Execution in pgAdmin 4 \u26a0\ufe0f\n\nA critical RCE vulnerability has been discovered in pgAdmin 4, putting thousands of systems at risk!\n\nDetails:\n\u2022 Type: Remote Code Execution (RCE)\n\u2022 CVSS: 9.8 (Critical)\n\u2022 Impact: Full system compromise, sensitive data exposure\n\n\ud83d\udd25 PoC And more detail:\nhttps://py0zz1.tistory.com\n\n\ud83c\udfaf FOFA Stats:\nOver 41,000 exposed results found via FOFA!\n\n\ud83d\udd75\ufe0f\u200d\u2642\ufe0f FOFA Dork:\nbody=\"pg-sp-content\" && title=\"pgAdmin 4\"\n\n\ud83d\udd17 FOFA Link:\nhttps://en.fofa.info/result?qbase64...\n\n\u2705 Mitigation:\nUpdate pgAdmin ASAP or restrict public access!\n\n\ud83d\udd25 As a result, an attacker can execute arbitrary Python code by sending a crafted POST request to the vulnerable endpoint.\n\n\u2014\n\nFollow CyberSec Playground for more 0-day alerts, hacking tips & bug bounty tricks!\n@cybersecplayground\n\n#CyberSecurity #CVE2025 #pgAdmin #RCE #BugBounty #InfoSec #FOFA #CyberSecPlayground", "creation_timestamp": "2025-04-07T10:36:13.000000Z"}