CVE-2025-58454: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in LabRedesCefetRJ WeGIA
WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was identified in WeGIA versions 3.4.10 and prior in the endpoint /WeGIA/html/memorando/listar_despachos.php, in the id_memorando parameter. This vulnerability allows an authorized attacker to execute arbitrary SQL queries, allowing access to sensitive information. Version 3.4.11 contains a patch.
AI Analysis
Technical Summary
CVE-2025-58454 is a high-severity SQL Injection vulnerability (CWE-89) affecting the WeGIA web management software developed by LabRedesCefetRJ, specifically versions prior to 3.4.11. The vulnerability exists in the /WeGIA/html/memorando/listar_despachos.php endpoint within the id_memorando parameter. This parameter is improperly sanitized, allowing an attacker to inject malicious SQL commands. Exploitation does not require authentication or user interaction, and the attack vector is network-based, making it remotely exploitable. Successful exploitation enables an attacker to execute arbitrary SQL queries on the backend database, potentially leading to unauthorized access to sensitive data, data modification, or disruption of service. The CVSS 4.0 base score is 8.9, reflecting high impact on confidentiality, integrity, and availability, with low attack complexity and no privileges required. Although no known exploits are currently reported in the wild, the vulnerability's nature and ease of exploitation make it a critical risk for organizations using affected versions of WeGIA. The vendor has released version 3.4.11 containing a patch that properly neutralizes special SQL elements in the vulnerable parameter, mitigating the risk.
Potential Impact
For European organizations using WeGIA to manage charitable institutions or related operations, this vulnerability poses a significant risk. Exploitation could lead to unauthorized disclosure of sensitive personal or financial data, undermining privacy compliance obligations such as GDPR. Data integrity could be compromised, affecting operational reliability and trustworthiness of records. Availability impacts could disrupt critical workflows in charitable organizations, potentially delaying aid or services. Given the lack of authentication requirements, attackers can exploit this remotely, increasing the threat surface. The reputational damage and potential regulatory penalties from data breaches could be substantial. Organizations relying on WeGIA should consider the vulnerability a priority for remediation to maintain operational security and compliance.
Mitigation Recommendations
European organizations should immediately verify their WeGIA version and upgrade to version 3.4.11 or later, which contains the official patch. Until the upgrade is possible, implement strict input validation and parameterized queries or prepared statements at the application level to neutralize SQL injection attempts. Employ Web Application Firewalls (WAFs) with rules targeting SQL injection patterns on the vulnerable endpoint to provide temporary protection. Conduct thorough security audits and penetration testing focusing on SQL injection vectors in WeGIA deployments. Monitor logs for suspicious query patterns or unexpected database errors. Restrict network access to the WeGIA management interface to trusted IPs where feasible. Educate staff on the risks and signs of exploitation attempts. Finally, maintain regular backups of critical data to enable recovery in case of compromise.
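As an added illustration of the parameterized-query mitigation described above (example code, not WeGIA's own): a hypothetical PHP handler for the id_memorando parameter, first in the string-concatenation form that CWE-89 describes, then hardened with integer validation and a bound parameter. The table name, column names and DSN are assumptions; the real schema behind listar_despachos.php is not on this page.

```php
<?php
// Added example, not WeGIA's own code. Table, column and DSN names are
// assumptions; the real listar_despachos.php schema is not on this page.

// Vulnerable pattern (CWE-89): the request value is concatenated straight
// into the SQL string, so the database receives it as SQL, not as data.
function listarDespachosVulneravel(PDO $db, array $get): array
{
    $id = $get['id_memorando'] ?? '';
    $sql = "SELECT * FROM despacho WHERE id_memorando = " . $id; // unsafe
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened pattern: validate the expected type first, then bind the value
// so the driver sends it separately from the statement text.
function listarDespachosSeguro(PDO $db, array $get): array
{
    $id = filter_var(
        $get['id_memorando'] ?? null,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    if ($id === false) {
        // Reject anything that is not a positive integer before touching the DB.
        http_response_code(400);
        return [];
    }
    $stmt = $db->prepare('SELECT * FROM despacho WHERE id_memorando = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Usage (assumed DSN and credentials). Disabling emulated prepares makes
// MySQL itself parse the statement and parameters separately.
$db = new PDO('mysql:host=localhost;dbname=wegia', 'user', 'pass', [
    PDO::ATTR_EMULATE_PREPARES => false,
    PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
]);
header('Content-Type: application/json');
echo json_encode(listarDespachosSeguro($db, $_GET));
```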
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Belgium, Sweden
Technical Details
Data Version: 5.1
Assigner Short Name: GitHub_M
Date Reserved: 2025-09-01T20:03:06.534Z
CVSS Version: 4.0
State: PUBLISHED
Threat ID: 68bf5ce1d5a2966cfc83ddbe
Added to database: 9/8/2025, 10:46:57 PM
Last enriched: 9/16/2025, 1:07:53 AM
Last updated: 10/30/2025, 4:52:11 PM