
CVE-2025-55171: CWE-287: Improper Authentication in LabRedesCefetRJ WeGIA

High
Tags: Vulnerability, CVE-2025-55171, CWE-287
Published: Tue Aug 12 2025 (08/12/2025, 20:17:19 UTC)
Source: CVE Database V5
Vendor/Project: LabRedesCefetRJ
Product: WeGIA

Description

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, the application does not check authentication at the endpoint /html/personalizacao_remover.php, allowing an anonymous attacker (without login) to delete any image file through that endpoint by supplying imagem_0 as the ID of the image to delete. This issue has been patched in version 3.4.8.

AI-Powered Analysis

Last updated: 08/12/2025, 20:47:47 UTC

Technical Analysis

CVE-2025-55171 is a high-severity vulnerability classified under CWE-287 (Improper Authentication) in WeGIA, the open-source web management application developed by LabRedesCefetRJ for Portuguese-speaking users and charitable institutions. In versions prior to 3.4.8 the endpoint /html/personalizacao_remover.php performs its deletion logic without first verifying that the caller has an authenticated session. An attacker who can reach the application over the network can therefore call the endpoint directly and delete image files by supplying imagem_0 to identify the image to remove; no credentials and no user interaction are required, so the attack is a single unauthenticated HTTP request. The effect is loss of the targeted image resources, which disrupts the presentation and normal operation of the affected site. The issue was fixed in WeGIA 3.4.8 by adding the missing authentication check to the endpoint. The CVSS v3.1 score of 7.5 reflects a network attack vector, low attack complexity, no privileges or user interaction required, and high impact on availability, with confidentiality and integrity scored as unaffected. No exploitation in the wild had been reported as of the publication date.

Potential Impact

For European organizations that run WeGIA to manage web content for charitable or community-focused institutions, this vulnerability is primarily a threat to service availability and operational continuity. Because the endpoint can be called without logging in, anyone on the internet can remove image files, leading to defacement, loss of visual content that may not be backed up, and a degraded experience for the people the institution serves. Recovery costs time and effort, and visible defacement damages the organization's reputation and the trust of donors, stakeholders and beneficiaries. Given WeGIA's focus on the Portuguese language and charitable institutions, Portugal and other European countries with Portuguese-speaking communities or organizations that have adopted the software are the most likely to be affected. The flaw does not directly expose data or allow its modification beyond deletion of images, but the resulting outage and defacement still affect organizational credibility and service reliability.

Mitigation Recommendations

Organizations should upgrade WeGIA to version 3.4.8 or later, which adds the authentication check to /html/personalizacao_remover.php. After upgrading, verify the fix on a non-production copy: an unauthenticated request to the endpoint should be rejected or redirected to the login page rather than deleting anything (the request is destructive, so do not test against live data). Until the upgrade is applied, restrict access to the endpoint with network-level controls such as IP allow-listing, web application firewall rules, or a web server rule that denies or rewrites requests for that path. Review web server access logs for requests to /html/personalizacao_remover.php from unexpected sources or scripted clients to detect exploitation attempts, keeping in mind that detection after the fact does not restore deleted files. Back up the image directory regularly so that deleted content can be recovered. Security teams should also make administrators aware of the issue so that patches are applied promptly and suspicious activity is reported.
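The log review recommended above, worked through as an added example (this is not WeGIA project code). It parses web server access log lines in the common "combined" format, keeps only requests to /html/personalizacao_remover.php, and attaches a reason to each one that looks like direct, unauthenticated use: a source address outside an administrator allow-list, no Referer header (the WeGIA UI would send one), or a scripting user agent. The sample log lines and the 10.0.0.0/8 administrator network are constructed for illustration; the real allow-list and log path are deployment-specific.

```python
"""Triage access-log requests to the WeGIA endpoint affected by CVE-2025-55171.

Added example for this advisory, not code from the WeGIA project.
Sample log lines and the administrator allow-list are constructed.
"""
import re
from ipaddress import ip_address, ip_network
from urllib.parse import parse_qs, urlsplit

# Endpoint named in the advisory.
VULN_PATH = "/html/personalizacao_remover.php"

# Assumption for this example: administrators reach the personalisation
# pages only from the internal network. Replace with your own ranges.
ADMIN_NETS = [ip_network("10.0.0.0/8")]

# Constructed sample access log in Apache/nginx "combined" format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Aug/2025:20:18:01 +0000] "GET /html/index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.23 - - [12/Aug/2025:20:18:05 +0000] "GET /html/personalizacao_remover.php?imagem_0=17 HTTP/1.1" 302 0 "-" "curl/8.5.0"
10.0.0.5 - - [12/Aug/2025:20:18:09 +0000] "POST /html/personalizacao_remover.php HTTP/1.1" 302 0 "https://wegia.example/html/personalizacao.php" "Mozilla/5.0"
198.51.100.23 - - [12/Aug/2025:20:18:10 +0000] "GET /html/personalizacao_remover.php?imagem_0=18 HTTP/1.1" 302 0 "-" "curl/8.5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)(?: [^"]*)?" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)


def parse_line(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["referer"] = "" if rec["referer"] == "-" else rec["referer"]
    return rec


def is_admin_ip(ip):
    """True if the address falls inside one of the administrator networks."""
    try:
        addr = ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in ADMIN_NETS)


def triage(log_text):
    """One record per request to VULN_PATH, each with the reasons it looks unauthenticated."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        url = urlsplit(rec["target"])
        if url.path != VULN_PATH:
            continue
        # Image ids are visible only for GET; a POST body is not in the access log.
        image_ids = {k: v for k, v in parse_qs(url.query).items() if k.startswith("imagem_")}
        reasons = []
        if not is_admin_ip(rec["ip"]):
            reasons.append("source outside administrator allow-list")
        if not rec["referer"]:
            reasons.append("no Referer: called directly, not from the WeGIA UI")
        if rec["ua"].lower().startswith(("curl/", "wget/", "python-requests")):
            reasons.append("scripted client user agent")
        findings.append({"ip": rec["ip"], "ts": rec["ts"], "method": rec["method"],
                         "image_ids": image_ids, "reasons": reasons})
    return findings


def suspicious(log_text):
    """Only the endpoint requests that carry at least one reason."""
    return [f for f in triage(log_text) if f["reasons"]]


def sources_by_request_count(log_text):
    """Count suspicious requests per source address, to spot bulk deletion attempts."""
    counts = {}
    for f in suspicious(log_text):
        counts[f["ip"]] = counts.get(f["ip"], 0) + 1
    return counts


if __name__ == "__main__":
    for f in suspicious(SAMPLE_LOG):
        ids = f["image_ids"] or "(id not in access log)"
        print(f["ts"], f["ip"], f["method"], ids, "; ".join(f["reasons"]))
```

Referer and User-Agent are trivially forged, so treat them as supporting evidence; the allow-list check is the signal to act on. The status code does not tell you whether a file was actually removed (the endpoint may redirect either way), so confirm any suspected deletion against the image directory or a recent backup.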


Technical Details

Data Version
5.1
Assigner Short Name
GitHub_M
Date Reserved
2025-08-07T18:27:23.308Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 689ba4f3ad5a09ad0036643d

Added to database: 8/12/2025, 8:32:51 PM

Last enriched: 8/12/2025, 8:47:47 PM

Last updated: 8/13/2025, 6:25:20 AM

