pgAdmin 4 Local File Inclusion and Server-Side Request Forgery Vulnerability in LLM API Configuration Endpoints

Vulnerability

A local file inclusion (LFI) and server-side request forgery (SSRF) vulnerability has been identified in pgAdmin 4 versions 9.13 prior to 9.15, specifically within the LLM API configuration endpoints. The issue arises because the user-supplied preferences 'api_key_file' and 'api_url' were passed to the LLM provider clients without proper validation. An authenticated user can therefore read arbitrary server-side files by pointing 'api_key_file' at any path readable by the pgAdmin process. The same lack of validation on 'api_url' lets an authenticated user coerce pgAdmin into sending requests to internal targets, such as the cloud metadata service at '169.254.169.254', through the chat path and model-list endpoints.
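The two preferences named above are the kind of input that needs server-side validation before it reaches a provider client. The following Python is an added, hypothetical illustration of such validation written for this page; it is not pgAdmin's code and does not reproduce the 9.15 fix. It assumes an administrator-designated directory for credential files (the constructed 'ALLOWED_KEY_DIR') and an injectable resolver so the URL check can run offline against constructed DNS answers. The path check confines 'api_key_file' to that directory after resolving '..' and symlinks; the URL check restricts the scheme and rejects any 'api_url' whose host resolves to loopback, link-local (which covers 169.254.169.254), private, reserved or otherwise non-public addresses.

```python
import ipaddress
import os
import socket
from urllib.parse import urlparse

# Constructed setting: directory an administrator designates for LLM key files.
# realpath() gives the canonical form we compare candidate paths against.
ALLOWED_KEY_DIR = os.path.realpath(os.path.join(os.getcwd(), "llm_keys"))

# Constructed DNS answers so the example runs offline; a real deployment would
# use default_resolver() below (which wraps socket.getaddrinfo).
CONSTRUCTED_DNS = {
    "api.example.com": ["93.184.216.34"],
    "localhost": ["127.0.0.1"],
    "metadata.internal": ["169.254.169.254"],
}


def constructed_resolver(host: str) -> list[str]:
    """Offline stand-in for DNS: returns the constructed answers for host."""
    try:
        return CONSTRUCTED_DNS[host]
    except KeyError:
        raise ValueError(f"unknown host {host!r}")


def default_resolver(host: str) -> list[str]:
    """Real resolver: every address the system resolver returns for host."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def validate_api_key_file(path: str, allowed_dir: str = ALLOWED_KEY_DIR) -> str:
    """Return the canonical path if it is a file location inside allowed_dir.

    Raises ValueError otherwise, so '../../etc/passwd' style input and
    absolute paths elsewhere on the host never reach open().
    """
    if not path:
        raise ValueError("api_key_file must not be empty")
    real = os.path.realpath(path)  # collapses '..' and follows symlinks
    try:
        inside = os.path.commonpath([real, allowed_dir]) == allowed_dir
    except ValueError:  # e.g. different drives on Windows
        inside = False
    if not inside or real == allowed_dir:
        raise ValueError("api_key_file must name a file inside the key directory")
    return real


def is_public_address(addr: str) -> bool:
    """True only for addresses that are routable on the public Internet."""
    ip = ipaddress.ip_address(addr)
    return not (
        ip.is_loopback
        or ip.is_link_local   # 169.254.0.0/16 and fe80::/10, i.e. metadata services
        or ip.is_private
        or ip.is_multicast
        or ip.is_reserved
        or ip.is_unspecified
    )


def validate_api_url(url: str, resolver=default_resolver) -> str:
    """Return url if its scheme is http(s) and its host resolves only to public addresses."""
    parsed = urlparse(url)
    if parsed.scheme not in ("http", "https"):
        raise ValueError("api_url must use http or https")
    host = parsed.hostname
    if not host:
        raise ValueError("api_url has no host")
    try:
        addresses = [str(ipaddress.ip_address(host))]  # literal IP in the URL
    except ValueError:
        addresses = resolver(host)                      # hostname: ask the resolver
    if not addresses:
        raise ValueError("api_url host did not resolve")
    for addr in addresses:
        if not is_public_address(addr):
            raise ValueError(f"api_url host resolves to non-public address {addr}")
    return url


def rejects(check, *args) -> bool:
    """Helper for demonstrations: True if check(*args) raises ValueError."""
    try:
        check(*args)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Accepted: a key file inside the designated directory, a public provider URL.
    print(validate_api_key_file(os.path.join(ALLOWED_KEY_DIR, "openai.key")))
    print(validate_api_url("https://api.example.com/v1", constructed_resolver))
    # Rejected: traversal out of the directory, the metadata service, loopback.
    print(rejects(validate_api_key_file, os.path.join(ALLOWED_KEY_DIR, "..", "..", "etc", "passwd")))
    print(rejects(validate_api_url, "http://169.254.169.254/latest/meta-data/", constructed_resolver))
    print(rejects(validate_api_url, "https://localhost:11434/v1", constructed_resolver))
```

One caveat on the URL check: resolving the host at validation time and again when the client connects leaves a window in which a DNS answer can change, so a deployment that wants this guarantee should also pin the validated address into the HTTP client (or re-run the address check on every connection) rather than relying on a one-time check when the preference is saved.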

Impact

Exploitation of this vulnerability could give an authenticated user access to sensitive server-side files and the ability to make requests to internal services from the pgAdmin host, potentially exposing credentials, metadata or other internal resources.

Remediation

This vulnerability has been fixed in pgAdmin 4 version 9.15. Users should upgrade to this version to address the issue.

Added: May 11, 2026, 4:25 PM
Updated: May 11, 2026, 4:25 PM

Vulnerability Rating

Custom Algorithm

spread:         6.2
impact:         2.5
exploitability: 5.2
remediation:    7.7
relevance:      8.0
threat:         0.0
urgency:        2.9
incentive:      0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.