Platform
php
Component
wegia
Fixed in
3.2.9
CVE-2025-22133 describes a critical Remote Code Execution (RCE) vulnerability within WeGIA, a web manager for charitable institutions. This flaw allows attackers to upload and execute malicious files, potentially leading to complete system compromise. The vulnerability affects versions of WeGIA prior to 3.2.8, and a patch is available in version 3.2.8.
The impact of CVE-2025-22133 is severe. An attacker can leverage this vulnerability to upload and execute arbitrary code on the server hosting WeGIA. This could lead to complete system takeover, data exfiltration (including sensitive donor information and financial records), and disruption of charitable operations. The ability to execute arbitrary code grants the attacker the highest level of access, effectively allowing them to control the entire system. Successful exploitation could also be used as a pivot point to compromise other systems within the organization's network, expanding the blast radius significantly.
CVE-2025-22133 was publicly disclosed on 2025-01-07. The vulnerability's ease of exploitation, combined with the critical nature of the affected systems (charitable organizations often handling sensitive data), suggests a potential for active exploitation. No public proof-of-concept (POC) code has been publicly released as of this writing, but the vulnerability's simplicity makes it likely that POCs will emerge. Its severity warrants close monitoring and proactive mitigation.
Exploit Status
EPSS
0.42% (62% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2025-22133 is to immediately upgrade WeGIA to version 3.2.8 or later. If upgrading is not immediately feasible, consider implementing temporary workarounds. Restrict file uploads to only explicitly allowed file types. Implement strict file size limits to prevent the upload of large, potentially malicious files. Consider using a Web Application Firewall (WAF) to filter out suspicious file uploads. Monitor WeGIA logs for unusual file upload activity. After upgrading, verify the fix by attempting to upload a known malicious .phar file; it should be rejected.
Update WeGIA to version 3.2.8 or higher. This version fixes the arbitrary file upload vulnerability. It is recommended to perform a backup before updating.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2025-22133 is a critical RCE vulnerability in WeGIA, a web manager for charitable institutions, allowing attackers to execute arbitrary code through malicious file uploads.
You are affected if you are using WeGIA version 3.2.8 or earlier. Upgrade to 3.2.8 to mitigate the risk.
Upgrade WeGIA to version 3.2.8. As a temporary workaround, restrict file uploads and implement WAF rules.
While no active exploitation has been confirmed, the vulnerability's simplicity suggests a high probability of exploitation.
Refer to the WeGIA official website or security advisories for the latest information and updates regarding CVE-2025-22133.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.