
CVE-2025-24020

Open Redirect

CVE-2025-24020: URL Redirection to Untrusted Site (Open Redirect) in WeGIA

CVE Publication: https://www.cve.org/CVERecord?id=CVE-2025-24020

Summary

An Open Redirect vulnerability was identified in the control.php endpoint of the WeGIA application. The nextPage parameter is used as the redirect destination without validation, so a crafted link sends an authenticated user to an arbitrary external URL. Unauthenticated users are not redirected; they receive the message "Operação negada: Cliente não autorizado" ("Operation denied: client not authorized"), so the attacker must get a logged-in user to follow the link.

Details

The issue stems from the lack of validation of the nextPage parameter: its value is used as the redirection destination exactly as supplied, so it may name an external origin rather than a page inside the application. Because such a link begins with the legitimate WeGIA host, it lends the attacker's destination the application's credibility and can be used for phishing or to send users to malicious websites.

Vulnerable Endpoint: https://comfirewall.wegia.org:8000/WeGIA/controle/control.php

Parameter: nextPage
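As an added illustration (this is not WeGIA's own code, which is written in PHP; it is a stand-alone Python example written for this page), the following shows how a nextPage-style parameter can be consumed safely. The vulnerable pattern being replaced is emitting the parameter verbatim in the Location header. The origin and base path below are taken from the advisory's test host and are assumptions about the deployment; the fallback page /WeGIA/index.php is a hypothetical name. The check goes beyond the single payload in the PoC and also rejects the common bypass shapes (protocol-relative //host, backslash variants, scheme-only values such as https:host, javascript: URLs, path traversal out of the application, and CRLF for header injection), while still accepting an absolute URL that names the application's own origin.

```python
from urllib.parse import urlsplit, urlunsplit, urljoin

# Assumptions for this example: the deployment origin and the path under which
# the application lives. Taken from the advisory's test host, not from WeGIA's code.
APP_ORIGIN = "https://comfirewall.wegia.org:8000"
APP_BASE_PATH = "/WeGIA/"
DEFAULT_PAGE = "/WeGIA/index.php"  # hypothetical in-app landing page


def resolve_next_page(next_page: str, fallback: str = DEFAULT_PAGE) -> str:
    """Return a redirect target that is guaranteed to stay under APP_ORIGIN + APP_BASE_PATH.

    Anything that could leave the application (another origin, a scheme, CRLF,
    traversal above the base path) is replaced by the fixed fallback page.
    """
    if not next_page or len(next_page) > 2048:
        return fallback

    # Reject control characters first: urlsplit() silently strips \t \r \n, which
    # would otherwise let "java\tscript:" or a CRLF header injection slip through.
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in next_page):
        return fallback

    # Browsers treat "\" like "/" in the authority position, so "/\evil.com" becomes
    # "//evil.com". Normalise before parsing so urlsplit sees what the browser will.
    candidate = next_page.replace("\\", "/")
    parts = urlsplit(candidate)

    # A scheme or a host means the value names an origin. Accept it only when it is
    # exactly our own origin (userinfo tricks such as "ours@evil.com" will not match).
    if parts.scheme or parts.netloc:
        supplied_origin = f"{parts.scheme.lower()}://{parts.netloc.lower()}"
        if supplied_origin != APP_ORIGIN.lower():
            return fallback
        candidate = urlunsplit(("", "", parts.path, parts.query, parts.fragment))

    # Require an absolute in-app path; "//" is a network-path reference, not a path.
    if not candidate.startswith("/") or candidate.startswith("//"):
        return fallback

    # Resolve "." and ".." against the origin, then confirm we are still inside the app.
    resolved = urljoin(APP_ORIGIN + "/", candidate)
    if not resolved.startswith(APP_ORIGIN + APP_BASE_PATH):
        return fallback

    # Return a path-only value so the Location header can never carry another host.
    return resolved[len(APP_ORIGIN):]


if __name__ == "__main__":
    # Constructed sample inputs: the advisory's payload plus common bypass shapes.
    samples = [
        "https://malicious.com",
        "//malicious.com",
        "/\\malicious.com",
        "https:malicious.com",
        "javascript:alert(1)",
        "/WeGIA/../admin.php",
        "/WeGIA/x\r\nSet-Cookie: a=b",
        "https://comfirewall.wegia.org:8000@malicious.com/WeGIA/",
        "https://comfirewall.wegia.org:8000/WeGIA/home.php?x=1",
        "/WeGIA/controle/control.php?metodo=listarTodos&nomeClasse=FuncionarioControle",
    ]
    for value in samples:
        print(f"{value!r:80} -> {resolve_next_page(value)}")
```

The value returned is a path, never a full URL, so even a later bug in the caller cannot turn it back into a cross-origin redirect; if the application genuinely needs to send users off-site, that should go through a fixed allowlist of named destinations rather than a free-form URL parameter.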

POC

  1. Log in to the application (the redirect only fires for an authenticated session).
  2. Open the following URL, where https://malicious.com stands in for the attacker's destination: https://comfirewall.wegia.org:8000/WeGIA/controle/control.php?metodo=listarTodos&nomeClasse=FuncionarioControle&nextPage=https://malicious.com
  3. The authenticated user is redirected to https://malicious.com.

Impact

This vulnerability allows:

  • Phishing: an attacker can send a link on the trusted WeGIA host that lands authenticated users on a fake login page.
  • Malware distribution: users can be directed to sites hosting malicious content.
  • Reputation damage: trust in the WeGIA domain can be harmed.

Reference

https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-27g8-5q48-xmw6

Finder

Rafael Corvino

Contributors

Diego Castro

Elisangela Mendonça

Natan Maia Morette

By: CVE-Hunters
