CVE-2025-22141
Published: 08 January 2025
Summary
CVE-2025-22141 is a high-severity SQL Injection (CWE-89) vulnerability in Wegia Wegia. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 41.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly prevents SQL injection by requiring validation and sanitization of user inputs like the unsanitized 'cargo' parameter before inclusion in SQL queries.
Restricts the 'cargo' parameter to only organization-defined valid inputs, blocking injection of arbitrary SQL commands.
Ensures timely identification, reporting, and patching of the specific SQL injection flaw fixed in WeGIA version 3.2.8.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
SQL injection in publicly accessible web endpoint directly enables remote exploitation of a web application (T1190).
NVD Description
WeGIA is a web manager for charitable institutions. A SQL Injection vulnerability was identified in the /dao/verificar_recursos_cargo.php endpoint, specifically in the cargo parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability of the…
more
database. This vulnerability is fixed in 3.2.8.
Deeper analysisAI
CVE-2025-22141 is a SQL injection vulnerability (CWE-89) affecting WeGIA, a web-based management system for charitable institutions. The issue exists in the /dao/verificar_recursos_cargo.php endpoint, where the "cargo" parameter fails to properly sanitize user input, enabling attackers to inject and execute arbitrary SQL commands. This compromises the confidentiality, integrity, and availability of the underlying database. The vulnerability carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its network accessibility and potential for significant impact.
Exploitation requires low privileges, such as an authenticated user account, and can be performed remotely with low complexity and no user interaction. Attackers can leverage the SQL injection to extract sensitive data, alter database records, or disrupt services, potentially leading to complete database takeover depending on the backend database configuration and access controls.
The vulnerability has been addressed in WeGIA version 3.2.8. For mitigation details, including patch deployment instructions, security practitioners should consult the GitHub security advisories published by the maintainers: https://github.com/nilsonLazarin/WeGIA/security/advisories/GHSA-w7hp-2w2c-p636 and https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-w7hp-2w2c-p636.
Details
- CWE(s)