CVE-2025-53823
Published: 14 July 2025
Summary
CVE-2025-53823 is a high-severity SQL Injection (CWE-89) vulnerability in WeGIA. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked in the top 37.5% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- Directly prevents SQL injection by validating the id_socio parameter against expected formats, blocking arbitrary SQL command execution.
- Requires timely patching to version 3.4.5, which eliminates the specific SQL injection flaw in the processa_deletar_socio.php endpoint.
- Restricts the id_socio parameter to valid inputs such as numeric values, preventing injection of malicious SQL payloads.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Direct SQL injection in a remotely accessible web endpoint lets an attacker exploit the public-facing application (T1190) to run arbitrary database commands and impact stored data.
NVD Description
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Versions prior to 3.4.5 have a SQL Injection vulnerability in the endpoint `/WeGIA/html/socio/sistema/processa_deletar_socio.php`, in the `id_socio` parameter. This vulnerability allows the execution of arbitrary SQL commands, which can compromise the confidentiality, integrity, and availability of stored data. Version 3.4.5 fixes the issue.
Deeper analysis
CVE-2025-53823 is a SQL injection vulnerability (CWE-89) in WeGIA, an open-source web manager focused on the Portuguese language and charitable institutions. Versions prior to 3.4.5 are affected, specifically in the endpoint `/WeGIA/html/socio/sistema/processa_deletar_socio.php` through the `id_socio` parameter, which fails to sanitize input properly. This allows execution of arbitrary SQL commands, potentially compromising the confidentiality, integrity, and availability of stored data. The vulnerability carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
The attack requires network access, low complexity, low privileges (such as an authenticated user), and no user interaction. An attacker with these prerequisites can inject malicious SQL payloads via the vulnerable parameter during member (socio) deletion requests, gaining full control over the database. This could result in data exfiltration, unauthorized modifications, deletions, or denial of service.
The GitHub security advisory (GHSA-p8xr-qg3c-6ww2) states that WeGIA version 3.4.5 fixes the issue. Mitigation involves upgrading to this patched version immediately, alongside implementing input validation, prepared statements, or parameterized queries in custom deployments, and restricting access to the affected endpoint.
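To make the defect class and the recommended fix concrete, here is an added PHP illustration of a member-deletion handler; it is not WeGIA's code, and the `socio` table, its columns, and the PDO/SQLite setup are assumptions chosen so the snippet runs stand-alone.

```php
<?php
// Added illustration (not WeGIA's code): a hypothetical member-deletion
// handler showing the CWE-89 pattern next to its hardened replacement.
// Assumptions: a PDO connection and a table `socio` with an integer
// primary key `id_socio`; both are placeholders, not taken from WeGIA.

// VULNERABLE pattern: the request parameter is spliced into the SQL text,
// so whatever the client sends becomes part of the statement (CWE-89).
function deleteSocioUnsafe(PDO $pdo, array $request): int
{
    $id  = $request['id_socio'] ?? '';
    $sql = "DELETE FROM socio WHERE id_socio = " . $id;   // never do this
    return $pdo->exec($sql);
}

// HARDENED version: validate the type first (SI-10), then bind the value
// as a parameter so it can never alter the statement's structure.
function deleteSocioSafe(PDO $pdo, array $request): int
{
    $raw = $request['id_socio'] ?? null;
    // Accept only a plain positive integer; reject everything else.
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        throw new InvalidArgumentException('id_socio must be a positive integer');
    }
    $stmt = $pdo->prepare('DELETE FROM socio WHERE id_socio = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount();
}

// Self-contained demo on an in-memory SQLite database (constructed data).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE socio (id_socio INTEGER PRIMARY KEY, nome TEXT)');
$pdo->exec("INSERT INTO socio VALUES (1, 'Ana'), (2, 'Bruno'), (3, 'Carla')");

// A constructed malformed value: the safe handler refuses it before any SQL
// is built, whereas the unsafe handler would pass the whole string through.
try {
    deleteSocioSafe($pdo, ['id_socio' => '2 OR 1=1']);
} catch (InvalidArgumentException $e) {
    echo "rejected: {$e->getMessage()}\n";
}
echo 'rows deleted for id 2: ' . deleteSocioSafe($pdo, ['id_socio' => '2']) . "\n";
echo 'rows remaining: ' . $pdo->query('SELECT COUNT(*) FROM socio')->fetchColumn() . "\n";
```

The validation step alone would already block the malformed value; the prepared statement is the defense that holds even when validation is bypassed or forgotten on another endpoint.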
Details
- CWE(s)