LabRedesCefetRJ WeGIA
Moderate fix1 remedy
cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*
Moderate fix1 remedy
- <= 3.2.13
WeGIA OS Command Injection Vulnerability in Backup Management Endpoint Allowing Remote Code Execution
Vulnerability
Patched
A command injection vulnerability has been identified in the WeGIA application, specifically in the 'gerenciar_backup.php' endpoint. This vulnerability allows attackers to execute arbitrary code remotely. The issue arises from a lack of input validation in the 'file' parameter, enabling unauthorized code execution. Although the vulnerability exists in versions through 3.2.13, it has been addressed in version 3.2.14, and users are advised to upgrade.
Impact
Exploitation of this vulnerability could lead to unauthorized execution of commands on the server, with the potential for information disclosure, web server takeover, or execution of cryptomining malware.
Reproduction
To reproduce this vulnerability, send a POST request to the 'html/configuracao/gerenciar_backup.php' endpoint with an 'action' parameter set to 'remove' and a 'file' parameter containing the payload. The payload can include a command to be executed, such as a reverse shell command.
Remediation
Users are advised to upgrade to WeGIA version 3.2.14.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
Vulnerability Rating
Custom Algorithm
spread
0.0impact
10.0exploitability
6.0remediation
7.7relevance
0.0threat
6.4urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.