PT-2025-29516 · Wegia · Wegia

Whyrusx · Published 2025-07-12 · Updated 2025-07-20 · CVE-2025-53821

CVSS v3.1: 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.5
Description: WeGIA is an open source web manager. An Open Redirect issue exists in the web application due to an uncontrolled redirection. The control.php API endpoint allows specification of an arbitrary URL via the nextPage parameter.
Recommendations: Update to version 3.4.5 or later. As a temporary workaround, restrict access to the control.php endpoint. Avoid using the nextPage parameter in the control.php endpoint until the issue is resolved.
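
A log check to run alongside the workaround, as an added example that is not part of the advisory or of WeGIA's code: it flags requests to control.php whose nextPage value points off-site. The `/control.php` path, the `wegia.example` host, and the access-log lines are constructed assumptions; only query-string values are visible in access logs, so POST bodies are not covered.

```python
import re
from urllib.parse import urlsplit, parse_qs

REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def is_external_target(value, trusted_hosts):
    """True when a nextPage value would leave the trusted hosts."""
    v = value.strip().replace("\\", "/")   # browsers treat "\" like "/"
    if v.startswith("//"):                  # scheme-relative URL
        host = urlsplit("http:" + v).hostname
    else:
        parts = urlsplit(v)
        if not parts.scheme:                # plain relative path stays on site
            return False
        if parts.scheme not in ("http", "https"):
            return True                     # any other scheme is unexpected here
        host = parts.hostname
    return host is None or host not in trusted_hosts

def find_external_redirects(lines, trusted_hosts):
    """Return (client_ip, nextPage) for control.php requests pointing off-site."""
    hits = []
    for line in lines:
        m = REQUEST.search(line)
        if not m:
            continue
        target = urlsplit(m.group(1))
        if not target.path.endswith("/control.php"):
            continue
        # parse_qs percent-decodes the value before it is classified
        for value in parse_qs(target.query).get("nextPage", []):
            if is_external_target(value, trusted_hosts):
                hits.append((line.split()[0], value))
    return hits

# Constructed sample lines in combined-log style (assumed path and hosts).
SAMPLE_LOG = [
    '198.51.100.7 - - [12/Jul/2025:10:01:02 +0000] "GET /control.php?nextPage=..%2Fhtml%2Fhome.php HTTP/1.1" 302 -',
    '203.0.113.9 - - [12/Jul/2025:10:02:11 +0000] "GET /control.php?nextPage=https%3A%2F%2Fphish.example%2Flogin HTTP/1.1" 302 -',
    '203.0.113.9 - - [12/Jul/2025:10:02:40 +0000] "GET /control.php?nextPage=%2F%2Fphish.example%2Flogin HTTP/1.1" 302 -',
    '198.51.100.7 - - [12/Jul/2025:10:03:05 +0000] "GET /control.php?nextPage=https%3A%2F%2Fwegia.example%2Fhome.php HTTP/1.1" 302 -',
    '198.51.100.7 - - [12/Jul/2025:10:04:00 +0000] "GET /index.php?nextPage=https%3A%2F%2Fphish.example HTTP/1.1" 200 -',
]

if __name__ == "__main__":
    for ip, value in find_external_redirects(SAMPLE_LOG, {"wegia.example"}):
        print(ip, value)
```
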

Exploit

Fix

Open Redirect


Weakness Enumeration

Related Identifiers

BDU:2025-12694
CVE-2025-53821
GHSA-F5C2-JMM6-V2C5

Affected Products

Wegia