CVE-2024-57034

CriticalPublic PoC

Published: 17 January 2025

Published

17 January 2025

Modified

14 March 2025

KEV Added

—

Patch

—

CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0048 65.2th percentile

Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-57034 is a critical-severity SQL Injection (CWE-89) vulnerability in Wegia Wegia. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 34.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

Directly requires validation of user-supplied inputs like the 'query' parameter in query_geracao_auto.php to block SQL injection exploitation.

SI-2 Flaw Remediation good match

prevent

Mandates timely flaw remediation by applying patches such as WeGIA 3.2.0 to eliminate the SQL injection vulnerability.

SI-9 Information Input Restrictions partial match

prevent

Restricts the volume and types of inputs accepted at interfaces, limiting opportunities for SQL injection via unsanitized parameters.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

Why these techniques?

SQL injection vulnerability in public-facing web application WeGIA < 3.2.0 enables exploitation of public-facing applications.

NVD Description

WeGIA < 3.2.0 is vulnerable to SQL Injection in query_geracao_auto.php via the query parameter.

Deeper analysisAI

CVE-2024-57034 is a SQL injection vulnerability (CWE-89) affecting WeGIA versions prior to 3.2.0. The flaw exists in the query_geracao_auto.php component, where the 'query' parameter fails to properly sanitize user input, allowing malicious SQL code execution. Published on January 17, 2025, it carries a CVSS v3.1 base score of 9.8, reflecting its critical severity.

Remote attackers require no privileges, authentication, or user interaction to exploit this vulnerability over the network with low complexity. Successful exploitation grants high-impact access to confidentiality, integrity, and availability, enabling attackers to extract sensitive data, modify database contents, or disrupt services.

Mitigation guidance is available in the referenced advisories, including vulnerability research at https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-57034 and the WeGIA project site at https://www.wegia.org. WeGIA versions 3.2.0 and later address the issue.

Details

CWE(s): CWE-89

Affected Products

wegia

≤ 3.2.0

CVEs Like This One

CVE-2025-26612Same product: Wegia Wegia

CVE-2025-26605Same product: Wegia Wegia

CVE-2025-22140Same product: Wegia Wegia

CVE-2025-24958Same product: Wegia Wegia

CVE-2025-53823Same product: Wegia Wegia

CVE-2026-35395Same product: Wegia Wegia

CVE-2026-33134Same product: Wegia Wegia

CVE-2025-24906Same product: Wegia Wegia

CVE-2025-23220Same product: Wegia Wegia

CVE-2026-31895Same product: Wegia Wegia

References

https://github.com/nmmorette/vulnerability-research/tree/main/CVE-2024-57034
Exploit, Third Party Advisory · cve@mitre.org
https://www.wegia.org
Product · cve@mitre.org