CVE-2024-57035
Published: 17 January 2025
Description
Adversaries may leverage databases to mine valuable information.
Security Summary
CVE-2024-57035 is a SQL injection vulnerability (CWE-89) in WeGIA version 3.2.0, published on 2025-01-17. The issue arises via the nextPage parameter in the /controle/control.php component, earning a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity with high impacts across confidentiality, integrity, and availability.
Remote attackers require no privileges or user interaction to exploit this over the network with low complexity. Successful exploitation enables arbitrary SQL query execution, allowing unauthorized data extraction, modification, or disruption of the underlying database.
Mitigation details are available in the related advisory at https://github.com/nilsonLazarin/WeGIA/issues/827, and vulnerability research is published at https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-57035.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
SQL injection in the web application's /controle/control.php component enables exploitation of a public-facing application (T1190) and facilitates collection of data from databases via arbitrary SQL queries (T1213.006).