This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¦ **Affected Versions**: PostgreSQL **9.3 through 11.2** (some PoCs test up to 12.3). π **Component**: The database engine itself, specifically the data import/export functionality.
Q4What can hackers do? (Privileges/Data)
π **Privileges**: If the user has **Superuser** rights or is in the **pg_execute_server_program** group. π **Data Impact**: Full Remote Code Execution (RCE).β¦
π **Threshold**: **Medium/High**. Requires **Authentication**. You must have a valid database account with specific privileges (Superuser or specific group). It is not an unauthenticated zero-day.
Q6Is there a public Exp? (PoC/Wild Exploitation)
π£ **Public Exp?**: **YES**. Multiple PoCs exist on GitHub (e.g., `wkjung0624`, `b4keSn4ke`). π **Wild Exploitation**: Tools like `GenPostgresRCEExploit` are available for automated exploitation.
Q7How to self-check? (Features/Scanning)
π **Self-Check**: Scan for PostgreSQL versions 9.3-11.2. π§ͺ **Test**: If you have DB access, try running a `COPY ... FROM PROGRAM` command with a harmless OS command (e.g., `id`) to see if it executes.
π **Workaround**: **Revoke** the `pg_execute_server_program` role from users who don't strictly need it. π« **Disable**: Remove execute permissions on the `COPY ... PROGRAM` command for non-superusers.
Q10Is it urgent? (Priority Suggestion)
β‘ **Urgency**: **High** for misconfigured systems. If you have Superuser accounts exposed or weakly secured, this is critical. π **Priority**: Patch immediately by restricting permissions or upgrading.