Key Information

Vulnerability Overview

Vulnerability Name: Authenticated Arbitrary File Upload Leading To Remote Code Execution (RCE)
Severity: Critical (10.0/10)
CVE ID: CVE-2025-58159

CVSS v3 Base Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Changed
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High

Affected and Fixed Versions

Affected Versions: <=3.4.10
Fixed Versions: 3.4.11

Description

Summary: A remote code execution vulnerability was discovered in WeGIA version 3.4.8 due to improper validation of uploaded files. The application allows attackers to upload files with arbitrary filenames, including those with a extension. Since uploaded files are written directly to disk without proper sanitization or extension restrictions, an Excel file followed by PHP code can be uploaded and executed on the server, leading to arbitrary code execution.

Details: This vulnerability was previously reported, but the implemented mitigations were insufficient, allowing files with arbitrary extensions to still be uploaded. The affected endpoint is .

PoC (Proof of Concept)

Request: Upload any spreadsheet file (xls or xlsx) and intercept the request. Modify the filename to include a extension, and append PHP code after the binary spreadsheet content.

Response: After the file is uploaded, note the new filename (including the random prefix) from the server's response, then directly access it to trigger code execution.

Impact

Allows attackers to:
- Access server command interfaces via web services.
- Execute arbitrary commands with the privileges of the web server user.
- Read and manipulate sensitive data.
- Compromise databases.
- Achieve initial privilege escalation and full system control.
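The advisory's root cause is that the stored filename (and so the extension) came from the client and the body was never checked against the claimed type. The validator below is an added example, not WeGIA's code and not the fix shipped in 3.4.11: it derives the stored name from an extension allow-list plus a server-side random token, checks the content's magic bytes, and rejects an xlsx container that has bytes appended after its end-of-central-directory record (the spreadsheet-plus-PHP polyglot the PoC describes). Function names and the constructed sample workbook are assumptions for illustration.

```python
import io
import re
import secrets
import zipfile

# Magic bytes per allow-listed extension: OLE2 compound file (.xls) and ZIP (.xlsx).
ALLOWED = {"xls": b"\xD0\xCF\x11\xE0\xA1\xB1\x1A\xE1", "xlsx": b"PK\x03\x04"}
EOCD_SIG = b"PK\x05\x06"  # ZIP end-of-central-directory record signature


def validate_spreadsheet(client_name: str, data: bytes) -> str:
    """Return a server-chosen filename for an acceptable upload, or raise ValueError.
    Assumption: the caller stores the bytes under the returned name, never under client_name."""
    # Extension must be one of the allow-listed values; "report.xlsx.php" fails here.
    m = re.fullmatch(r"[^/\\]+?\.(xls|xlsx)", client_name, re.IGNORECASE)
    if not m:
        raise ValueError("extension not allowed")
    ext = m.group(1).lower()
    # The body must match the declared type, not just the name.
    if not data.startswith(ALLOWED[ext]):
        raise ValueError("content does not match declared type")
    if ext == "xlsx":
        # A well-formed ZIP ends with its EOCD record (22 bytes plus an optional
        # comment); anything after it is appended payload.
        eocd = data.rfind(EOCD_SIG)
        if eocd < 0:
            raise ValueError("not a zip container")
        comment_len = int.from_bytes(data[eocd + 20:eocd + 22], "little")
        if eocd + 22 + comment_len != len(data):
            raise ValueError("trailing data after zip end")
        if "[Content_Types].xml" not in zipfile.ZipFile(io.BytesIO(data)).namelist():
            raise ValueError("not an OOXML workbook")
    elif len(data) % 512:
        # Coarse check: OLE2 files are a 512-byte header plus whole sectors,
        # so a size that is not a multiple of 512 indicates appended bytes.
        raise ValueError("trailing data after OLE container")
    # Stored name is server-generated; only the allow-listed extension survives.
    return f"{secrets.token_hex(16)}.{ext}"


def is_accepted(client_name: str, data: bytes) -> bool:
    try:
        validate_spreadsheet(client_name, data)
        return True
    except ValueError:
        return False


def make_sample_xlsx() -> bytes:
    """Constructed minimal OOXML container (content-types part only) for testing."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
    return buf.getvalue()
```

The EOCD check catches the specific polyglot in the advisory; pairing it with a storage directory that the web server never executes scripts from closes the remaining gap.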