CVE-2025-57761: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in LabRedesCefetRJ WeGIA

Critical
Tags: Vulnerability, CVE-2025-57761, CWE-89
Published: Thu Aug 21 2025 (08/21/2025, 16:40:16 UTC)
Source: CVE Database V5
Vendor/Project: LabRedesCefetRJ
Product: WeGIA

Description

WeGIA is a Web manager for charitable institutions. Prior to 3.4.10, there is a SQL Injection vulnerability in the /html/funcionario/dependente_remover.php endpoint, specifically in the id_funcionario parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability of the database. This vulnerability is fixed in 3.4.10.

AI-Powered Analysis

Last updated: 08/21/2025, 17:02:53 UTC

Technical Analysis

CVE-2025-57761 is a critical SQL Injection vulnerability identified in the WeGIA web management system developed by LabRedesCefetRJ, specifically affecting versions prior to 3.4.10. The vulnerability exists in the /html/funcionario/dependente_remover.php endpoint within the id_funcionario parameter. SQL Injection (CWE-89) occurs when user-supplied input is improperly neutralized before being included in SQL queries, allowing attackers to manipulate the database commands executed by the application. In this case, the id_funcionario parameter does not adequately sanitize input, enabling an attacker to inject arbitrary SQL code. This can lead to unauthorized data access, data modification, or deletion, and potentially full compromise of the backend database. The CVSS 4.0 base score of 9.4 reflects the high severity, with network attack vector (AV:N), low attack complexity (AC:L), no authentication required (AT:N), and no user interaction needed (UI:N). The vulnerability impacts confidentiality, integrity, and availability (VC:H, VI:H, VA:H), and affects a high scope (SC:H) with significant impact on security controls (SI:H) and security attributes (SA:H). Although no known exploits are currently reported in the wild, the ease of exploitation and critical impact make this a significant threat. The issue was addressed in version 3.4.10 of WeGIA, which includes proper input validation and sanitization to prevent SQL Injection attacks.
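To make the CWE-89 pattern concrete, the following is an added illustration, not WeGIA's own code: a hypothetical PHP handler for an endpoint of the dependente_remover.php kind that interpolates id_funcionario into the query, beside a hardened version that validates the value as an integer and binds it through a PDO prepared statement. The table and column names, and the in-memory SQLite sample data, are assumptions made for the demo.

```php
<?php
// Added illustration, not WeGIA's code. Table/column names are assumed.

// VULNERABLE PATTERN: untrusted request input concatenated into SQL text.
function removeDependenteVulnerable(PDO $db, array $request): int
{
    $id = $request['id_funcionario'] ?? '';   // attacker-controlled string
    $sql = "DELETE FROM dependente WHERE id_funcionario = '$id'";
    return $db->exec($sql);                   // any quote in $id changes the query
}

// HARDENED: validate the type first, then bind the value as a parameter.
function removeDependenteSafe(PDO $db, array $request): int
{
    // Reject anything that is not a positive integer before touching the DB.
    $id = filter_var(
        $request['id_funcionario'] ?? null,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    if ($id === false) {
        throw new InvalidArgumentException('id_funcionario must be a positive integer');
    }
    // Prepared statement: the value travels separately from the SQL text,
    // so it can never be parsed as part of the command.
    $stmt = $db->prepare('DELETE FROM dependente WHERE id_funcionario = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount();
}

// Self-contained demo on an in-memory SQLite database (constructed sample data).
// For MySQL, also set PDO::ATTR_EMULATE_PREPARES => false so the server binds.
$db = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$db->exec('CREATE TABLE dependente (id INTEGER PRIMARY KEY, id_funcionario INTEGER, nome TEXT)');
$db->exec("INSERT INTO dependente (id_funcionario, nome) VALUES (3, 'Ana'), (3, 'Bia'), (7, 'Caio')");

echo removeDependenteSafe($db, ['id_funcionario' => '3']), " row(s) removed for id 3\n";
try {
    removeDependenteSafe($db, ['id_funcionario' => 'not-a-number']);
} catch (InvalidArgumentException $e) {
    echo "Rejected malformed input: ", $e->getMessage(), "\n";
}
echo $db->query('SELECT COUNT(*) FROM dependente')->fetchColumn(), " row(s) remain\n";
```

The integer check also gives a clean 400-style rejection point to log, which is where the endpoint-focused monitoring recommended below would hook in.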

Potential Impact

For European organizations using WeGIA to manage charitable institutions, this vulnerability poses a severe risk. Exploitation could lead to unauthorized disclosure of sensitive personal and financial data of donors, beneficiaries, and employees, violating GDPR and other data protection regulations. Data integrity could be compromised, resulting in fraudulent records or disruption of operations. Availability of the system could be affected if attackers delete or corrupt database contents, impacting critical services provided by these institutions. The reputational damage and potential regulatory penalties could be substantial. Additionally, since WeGIA is a niche product for charitable organizations, the impact is concentrated but severe for affected entities. The lack of authentication requirement and network accessibility means attackers can exploit this remotely without user interaction, increasing the likelihood of automated attacks or mass scanning by threat actors targeting vulnerable installations.

Mitigation Recommendations

European organizations should immediately verify their WeGIA version and upgrade to 3.4.10 or later to apply the official patch that fixes the SQL Injection vulnerability. If immediate upgrade is not feasible, implement web application firewall (WAF) rules to detect and block malicious SQL payloads targeting the id_funcionario parameter. Conduct thorough input validation and sanitization on all user inputs at the application level as a defense-in-depth measure. Perform regular security audits and penetration testing focusing on injection flaws. Restrict database user permissions to the minimum necessary to limit the impact of potential exploitation. Monitor logs for suspicious activity related to the vulnerable endpoint. Educate development and operations teams about secure coding practices to prevent similar vulnerabilities. Finally, ensure backup and recovery procedures are robust to restore data integrity and availability in case of an attack.

Technical Details

Data Version: 5.1
Assigner Short Name: GitHub_M
Date Reserved: 2025-08-19T15:16:22.917Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 68a74dc4ad5a09ad0012a5c7

Added to database: 8/21/2025, 4:48:04 PM

Last enriched: 8/21/2025, 5:02:53 PM

Last updated: 8/21/2025, 5:47:48 PM
