Python + PostgreSQL pgAdmin4 – Insecure Library Loading Allows Code Execution

Posted by Karn Ganeshen on Feb 28

Python + PostgreSQL pgAdmin4 – Insecure Library Loading Allows Code
Execution (DLL Hijacking Vulnerability)

*Confirmed on*
pgAdmin4 v1.1: Current version packaged with PostgreSQL v9.6.1.1 (Windows
x86 Current version)

*Checked on*
Windows 7 SP1 + python 2.7.13 (current version)

Note – This is a vulnerability in python, which gets manifested via
pgAdmin4. Other applications and softwares that use python, may as well be
vulnerable.

*Download*…

Leave a Reply