CVE-2025-26612
Published: 18 February 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-26612 is a SQL injection vulnerability in the WeGIA open-source web manager application, which targets institutions and primarily serves Portuguese-language users. The flaw resides in the `adicionar_almoxarife.php` endpoint, enabling attackers to execute arbitrary SQL queries and gain unauthorized access to sensitive information. Associated with CWE-89, it carries a CVSS v3.1 base score of 9.8, reflecting its critical severity due to high impacts on confidentiality, integrity, and availability.
The vulnerability is exploitable remotely over the network with low complexity, requiring no authentication, privileges, or user interaction, and without changing the scope of impact. Any unauthenticated attacker able to reach the affected endpoint can inject malicious SQL payloads to extract, modify, or delete database contents, potentially compromising entire user databases, institutional records, or other sensitive data stored by WeGIA instances.
The GitHub Security Advisory (GHSA-9cwj-p4x6-pp88) confirms the issue has been patched in WeGIA version 3.2.13, urging all users to upgrade immediately. No workarounds are available.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The SQL injection vulnerability in the publicly accessible WeGIA web application endpoint directly enables remote unauthenticated exploitation of a public-facing application to access or manipulate database contents.