CVE-2025-50201 — AI Deep Analysis Summary

🚨 **Essence**: WeGIA suffers from **OS Command Injection**. 📉 **Consequences**: Attackers can execute arbitrary system commands, leading to total server compromise, data theft, and service disruption.

🛡️ **Root Cause**: **CWE-78** (OS Command Injection). The flaw lies in `/html/configuracao/debug_info.php`. The `branch` parameter is **not sanitized**, allowing malicious input to be executed as shell commands.

🏢 **Affected**: **WeGIA** by LabRedesCefetRJ (Nilson Lazarin). 📦 **Version**: All versions **prior to 3.4.2**. If you are running < 3.4.2, you are at risk.

💀 **Impact**: High! CVSS is **Critical (9.8)**. Hackers gain **Full Control** (C:H, I:H, A:H). They can read sensitive data, modify system files, and crash the server. No restrictions.

⚡ **Threshold**: **Low**. CVSS indicates **AV:N** (Network), **AC:L** (Low Complexity), **PR:N** (No Privileges needed), **UI:N** (No User Interaction). It is an easy, remote exploit.

📜 **Exploit Status**: No public PoC code listed in the data. However, the vulnerability is well-documented. The risk of **wild exploitation** is high due to low complexity.

🔍 **Self-Check**: Scan for WeGIA instances. Check if the version is **< 3.4.2**. Look for the endpoint `/html/configuracao/debug_info.php`. Test if the `branch` parameter accepts shell metacharacters (e.g., `;`, `|`).

✅ **Fix**: Yes! Official patch available. Update to **WeGIA 3.4.2** or later.…

🚧 **No Patch?**: **Mitigation**: Block external access to `/html/configuracao/debug_info.php` via WAF or firewall. If possible, disable the debug feature. Input validation is critical if you cannot upgrade immediately.

🔥 **Urgency**: **CRITICAL**. Published June 2025. High CVSS score + No Auth required = Immediate action needed. Patch now or isolate the service to prevent total compromise.