CVE-2025-55169 Scanner

WeGIA is an open-source web management system primarily used by Portuguese-speaking charitable institutions to manage various web-based resources. It is built to facilitate operations in organizations with a focus on providing an easy-to-use interface for managing online content and infrastructure. The software's design allows for flexibility and scalability, making it suitable for small to medium-sized entities that rely on web management systems for daily operations. WeGIA integrates several web applications that help charities streamline their processes and document handling. It is actively maintained and regularly receives updates and patches to address security concerns. The software supports multiple users and permission levels, ensuring that tasks are assigned and managed efficiently within the organization.

The identified vulnerability in WeGIA exposes the system to path traversal attacks. This allows an attacker to manipulate file paths, thus gaining unauthorized access to sensitive data stored within the server. Path traversal vulnerabilities are a result of inadequate input validation, which leads to exploitation, allowing directory traversal outside of the intended locations. WeGIA's failure in preventing such traversal can lead to significant security risks, as critical files like config.php may be exposed. These files contain sensitive information that could, for example, grant direct database access to malicious parties. Such vulnerabilities are critical as they undermine the system's data integrity and confidentiality.

Technical details about this vulnerability indicate that it can be exploited via the endpoint html/socio/sistema/download_remessa.php in the WeGIA application. Manipulating parameters allows attackers to navigate directories beyond the set bounds, reaching sensitive files such as config.php. This endpoint's improper validation makes it susceptible to unauthorized file reads. The config.php file includes crucial configuration details, including database credentials that can be exploited. Attackers can potentially access information that may lead to further breaches and a loss of data integrity. The vulnerability's critical nature demands prompt remediation measures.

Exploitation of this vulnerability leads to unauthorized disclosure of sensitive data, crippling the organization's security posture. Malicious actors gaining access to files like config.php can result in unauthorized database access and subsequent data theft or manipulation. This threatens not only the confidentiality of data but also the integrity and availability of systems run by charitable organizations. An exploited system may experience service disruptions and potential financial and reputational damage. The need for immediate patching and upgrades to secure versions is critical to avert these risks.

REFERENCES

• https://nvd.nist.gov/vuln/detail/CVE-2025-55169
• https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-mm3p-7573-4x4j