CVE-2025-50201
BaseFortify
Publication date: 2025-06-19
Last updated on: 2025-07-02
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wegia | wegia | to 3.4.2 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-50201 is a critical OS Command Injection vulnerability in the WeGIA web manager application, specifically in the /html/configuracao/debug_info.php endpoint. The vulnerability occurs because the 'branch' parameter is not properly sanitized before being used in a shell command on the server. This allows an unauthenticated attacker to execute arbitrary operating system commands with the privileges of the web server user (www-data). The attack is blind and time-based, meaning the attacker confirms exploitation by observing delays in server response times. Exploitation can lead to unauthorized reading, modification, or deletion of files on the server. [1]
How can this vulnerability impact me? :
This vulnerability can severely impact the affected system by allowing attackers to execute arbitrary commands on the server without authentication. This compromises Confidentiality by exposing sensitive files such as source code and API keys; Integrity by enabling modification or deletion of files, potentially leading to defacement or malware injection; and Availability by allowing resource-intensive commands that can cause Denial of Service. Additionally, the compromised server can be used as a pivot point to launch further attacks within the internal network. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the /html/configuracao/debug_info.php endpoint with the 'branch' POST parameter for command injection. A common detection method is to inject a time-based payload such as 'branch=master; sleep 10' and observe if the server response is delayed, indicating command execution. Tools like commix can be used to automate detection and exploitation attempts, for example, to create or modify files on the server to confirm vulnerability. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include upgrading the WeGIA application to version 3.4.2 or later, where the vulnerability is patched. The patch involves sanitizing and validating the 'branch' parameter using escapeshellarg() and regex to allow only safe characters, filtering POST inputs, and properly escaping output. If upgrading is not immediately possible, applying similar input validation and escaping techniques to the affected endpoint can reduce risk. [2]