A critical remote code execution vulnerability in WeGIA allows administrative users to achieve full system compromise by uploading malicious backup files.

This vulnerability involves an arbitrary OS command injection within the database restoration functionality. While it requires administrative-level authentication, the risk is compounded by the existence of known authentication bypasses that can grant an attacker the necessary privileges to exploit this flaw.

Successful exploitation allows for complete control over the underlying server, potentially leading to the theft of sensitive charitable organization data, total service disruption, and permanent loss of database integrity. The CVSS score of 10.0 reflects the maximum possible severity, indicating that the integrity, availability, and confidentiality of the entire system are at extreme risk.

Immediate Action: Update the WeGIA application to version 3.6.5 or later immediately to patch the vulnerable database restoration logic.

Proactive Monitoring: Review system logs for unusual OS command execution originating from the web server user and monitor file upload directories for suspicious filenames.

Compensating Controls: Restrict access to the administrative interface to trusted IP addresses only and implement a Web Application Firewall (WAF) to detect command injection patterns.

Public Exploit Available: No

The CVSS 10.0 rating necessitates immediate intervention. IT administrators must prioritize the update to version 3.6.5, as this vulnerability provides a direct path to full server takeover once administrative access is obtained.