免费扫描
CRITICALCVE-2025-22133CVSS 10

WeGIA Allows Arbitrary File Upload with Remote Code Execution (RCE)

翻译中…

平台

php

组件

wegia

修复版本

3.2.9

AI Confidence: highNVDEPSS 0.4%已审阅: 2026年5月
在NVD查看
保存
正在翻译为您的语言…

CVE-2025-22133 describes a critical Remote Code Execution (RCE) vulnerability within WeGIA, a web manager for charitable institutions. This flaw allows attackers to upload and execute malicious files, potentially leading to complete system compromise. The vulnerability affects versions of WeGIA prior to 3.2.8, and a patch is available in version 3.2.8.

影响与攻击场景翻译中…

The impact of CVE-2025-22133 is severe. An attacker can leverage this vulnerability to upload and execute arbitrary code on the server hosting WeGIA. This could lead to complete system takeover, data exfiltration (including sensitive donor information and financial records), and disruption of charitable operations. The ability to execute arbitrary code grants the attacker the highest level of access, effectively allowing them to control the entire system. Successful exploitation could also be used as a pivot point to compromise other systems within the organization's network, expanding the blast radius significantly.

利用背景翻译中…

CVE-2025-22133 was publicly disclosed on 2025-01-07. The vulnerability's ease of exploitation, combined with the critical nature of the affected systems (charitable organizations often handling sensitive data), suggests a potential for active exploitation. No public proof-of-concept (POC) code has been publicly released as of this writing, but the vulnerability's simplicity makes it likely that POCs will emerge. Its severity warrants close monitoring and proactive mitigation.

哪些人处于风险中翻译中…

Charitable institutions and organizations utilizing WeGIA for web management are at significant risk. Specifically, organizations running older, unpatched versions of WeGIA (≤ 3.2.8) are highly vulnerable. Shared hosting environments where multiple organizations share the same server infrastructure are also at increased risk, as a compromise of one WeGIA instance could potentially impact others.

检测步骤翻译中…

• linux / server: Monitor web server access logs for requests to /WeGIA/html/socio/sistema/controller/controla_xlsx.php with unusual file extensions (e.g., .phar). Use journalctl -f to observe file upload activity.

 grep -i 'phar' /var/log/apache2/access.log

• generic web: Use curl to test the /WeGIA/html/socio/sistema/controller/controla_xlsx.php endpoint with a .phar file upload. Check the response headers for any errors or unexpected behavior.

curl -F '[email protected]' http://your-wegia-server/WeGIA/html/socio/sistema/controller/controla_xlsx.php

攻击时间线

  1. Disclosure

    disclosure

威胁情报

漏洞利用状态

概念验证未知
CISA KEVNO
互联网暴露

EPSS

0.42% (62% 百分位)

CISA SSVC

利用情况poc
可自动化no
技术影响total

CVSS 向量

威胁情报· CVSS 3.1CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H10.0CRITICALAttack VectorNetwork攻击者如何到达目标Attack ComplexityLow利用漏洞所需的条件Privileges RequiredLow攻击所需的认证级别User InteractionNone是否需要受害者采取行动ScopeChanged超出受影响组件的影响范围ConfidentialityHigh敏感数据泄露风险IntegrityHigh数据未授权篡改风险AvailabilityHigh服务中断风险nextguardhq.com · CVSS v3.1 基础分数
这些指标意味着什么?
Attack Vector
网络 — 可通过互联网远程利用,无需物理或本地访问。攻击面最大。
Attack Complexity
低 — 无需特殊条件,可以稳定地利用漏洞。
Privileges Required
低 — 任何有效用户账户均可。
User Interaction
无 — 攻击自动且无声,受害者无需任何操作。
Scope
已改变 — 攻击可以超出脆弱组件,影响其他系统。
Confidentiality
高 — 完全丧失机密性,攻击者可读取所有数据。
Integrity
高 — 攻击者可写入、修改或删除任何数据。
Availability
高 — 完全崩溃或资源耗尽,完全拒绝服务。

受影响的软件

组件wegia
供应商nilsonLazarin
影响范围修复版本
< 3.2.8 – < 3.2.83.2.9

弱点分类 (CWE)

CWE-94CWE-434

时间线

  1. 已保留
  2. 发布日期
  3. 修改日期
  4. EPSS 更新日期

缓解措施和替代方案翻译中…

The primary mitigation for CVE-2025-22133 is to immediately upgrade WeGIA to version 3.2.8 or later. If upgrading is not immediately feasible, consider implementing temporary workarounds. Restrict file uploads to only explicitly allowed file types. Implement strict file size limits to prevent the upload of large, potentially malicious files. Consider using a Web Application Firewall (WAF) to filter out suspicious file uploads. Monitor WeGIA logs for unusual file upload activity. After upgrading, verify the fix by attempting to upload a known malicious .phar file; it should be rejected.

修复方法翻译中…

Actualice WeGIA a la versión 3.2.8 o superior. Esta versión corrige la vulnerabilidad de carga de archivos arbitrarios. Se recomienda realizar una copia de seguridad antes de actualizar.

CVE 安全通讯

漏洞分析和关键警报直接发送到您的邮箱。

常见问题翻译中…

What is CVE-2025-22133 — Remote Code Execution in WeGIA?

CVE-2025-22133 is a critical RCE vulnerability in WeGIA, a web manager for charitable institutions, allowing attackers to execute arbitrary code through malicious file uploads.

Am I affected by CVE-2025-22133 in WeGIA?

You are affected if you are using WeGIA version 3.2.8 or earlier. Upgrade to 3.2.8 to mitigate the risk.

How do I fix CVE-2025-22133 in WeGIA?

Upgrade WeGIA to version 3.2.8. As a temporary workaround, restrict file uploads and implement WAF rules.

Is CVE-2025-22133 being actively exploited?

While no active exploitation has been confirmed, the vulnerability's simplicity suggests a high probability of exploitation.

Where can I find the official WeGIA advisory for CVE-2025-22133?

Refer to the WeGIA official website or security advisories for the latest information and updates regarding CVE-2025-22133.

你的项目受影响吗?

上传你的依赖文件,立即了解此CVE和其他CVE是否影响你。

免费扫描搜索 CVE