Platform
php
Component
wegia
Fixed in
3.2.15
A critical Path Traversal vulnerability (CVE-2025-26615) has been identified in WeGIA, an open-source Web Manager for Institutions. This vulnerability, located in the examples.php endpoint, allows attackers to potentially access sensitive information. Versions of WeGIA prior to 3.2.14 are affected. The vulnerability is resolved in version 3.2.14, and immediate upgrading is strongly recommended.
The examples.php endpoint in WeGIA is susceptible to Path Traversal, enabling unauthorized access to files outside of the intended directory. Specifically, an attacker can leverage this vulnerability to retrieve the config.php file. This file contains critical database credentials and connection information, effectively granting the attacker direct access to the WeGIA database. Successful exploitation could lead to data breaches, modification of sensitive data, and complete compromise of the WeGIA installation. The impact is particularly severe given the potential for database takeover, allowing attackers to manipulate user data, financial records, or other critical information managed by the institution.
CVE-2025-26615 was publicly disclosed on February 18, 2025. There are currently no known public proof-of-concept exploits available. The vulnerability's severity (CVSS score of 10) indicates a high probability of exploitation if left unpatched. It is not currently listed on the CISA KEV catalog. Monitor security advisories and threat intelligence feeds for any indications of active exploitation campaigns targeting WeGIA installations.
Exploit Status
EPSS
0.40% (61% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2025-26615 is to immediately upgrade WeGIA to version 3.2.14 or later. As the vulnerability stems from a fundamental design flaw, there are no known configuration workarounds or temporary fixes. Given the sensitivity of the data at risk, delaying the upgrade is strongly discouraged. After upgrading, verify the integrity of the installation by attempting to access the examples.php endpoint and confirming that access is denied or redirects appropriately. Review database access logs for any suspicious activity following the upgrade.
Update WeGIA to version 3.2.14 or higher. This version corrects the Path Traversal vulnerability in the `examples.php` endpoint. The update will prevent unauthorized access to sensitive information, such as database credentials stored in `config.php`.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2025-26615 is a critical vulnerability allowing attackers to access sensitive files via the examples.php endpoint in WeGIA versions before 3.2.14.
Yes, if you are using WeGIA version 3.2.14 or earlier, you are vulnerable to this Path Traversal attack.
Upgrade WeGIA to version 3.2.14 or later immediately. There are no workarounds available.
While no public exploits are currently known, the high severity score suggests a potential for exploitation if left unpatched.
Refer to the official WeGIA project website and security advisories for the latest information and updates regarding CVE-2025-26615.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.