
CVE-2025-27419: Denial of Service (DoS) in WeGIA due to Recursive Crawling of Dynamic URLs

CVE Publication: https://www.cve.org/CVERecord?id=CVE-2025-27419

Summary

A Denial of Service (DoS) vulnerability exists in WeGIA. This vulnerability allows any unauthenticated user to cause the server to become unresponsive by performing aggressive spidering using tools like OWASP ZAP. The vulnerability is caused by recursive crawling of dynamically generated URLs and insufficient handling of large volumes of requests.

Details

The issue occurs when the OWASP ZAP Spider scans the application and recursively crawls URLs with dynamic parameters. The Spider generates an excessive number of requests due to:

  • The presence of parameters like ?C=M;O=D that create multiple unique URLs.
  • Access to directories exposing static files, such as bower_components and related assets.
  • No rate limiting or restrictions on dynamically generated URLs at the server level.

The problem is exacerbated by:

  • Unlimited depth crawling by the Spider.
  • Recursive exploration of similar URLs with slight variations.
  • Overwhelming the server with a high frequency of requests, which eventually causes it to stop responding.

This behavior was observed in multiple tests, consistently resulting in server downtime.
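The pattern described above leaves a recognisable trace in the web server's access log. As an added illustration (not part of the original advisory or the WeGIA project), the following Python script parses a handful of constructed Apache access-log lines that mimic that traffic, collapses the mod_autoindex sort variants (`C=` column, `O=` order, the parameters behind `?C=M;O=D`) back to the single directory they list, and flags a client that requests many such variants in a short window. The client addresses, timestamps, user agents and thresholds are constructed for the example; only the two directory paths come from the advisory.

```python
import re
from collections import defaultdict
from datetime import datetime
from urllib.parse import urlsplit

# Apache mod_autoindex accepts C=<column> and O=<order> in the query string of a
# directory listing; each combination is a distinct URL to a crawler but the
# same resource to the server.
SORT_PARAMS = {"C", "O"}

# Apache "combined" log format; only the fields needed here are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def build_sample_log():
    """Constructed sample: one client (203.0.113.5, a documentation address)
    requests all 8 sort variants of the two listing directories named in the
    advisory within 16 seconds, plus one ordinary visitor."""
    base = "/WeGIA/html/socio/sistema/controller/bower_components/"
    dirs = [
        "ckeditor/plugins/balloonpanel/skins/moono-lisa/images/hidpi/",
        "select2/src/js/select2/data/",
    ]
    lines, sec = [], 0
    for d in dirs:
        for col in "NMSD":          # name, modified, size, description
            for order in "AD":      # ascending, descending
                lines.append(
                    f'203.0.113.5 - - [10/Mar/2025:14:02:{sec:02d} +0000] '
                    f'"GET {base}{d}?C={col};O={order} HTTP/1.1" 200 2048 "-" "ZAP"'
                )
                sec += 1
    lines.append(
        '198.51.100.7 - - [10/Mar/2025:14:02:03 +0000] '
        '"GET /WeGIA/html/index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"'
    )
    return "\n".join(lines)


def parse_line(line):
    m = LOG_RE.match(line)
    if not m:
        return None
    return {
        "ip": m["ip"],
        "ts": datetime.strptime(m["ts"], TS_FMT),
        "target": m["target"],
        "status": int(m["status"]),
    }


def split_target(target):
    """Return (path, [(key, value), ...]). Apache separates query variables
    with ';' as well as '&', which urllib's parse_qsl no longer splits on."""
    parts = urlsplit(target)
    pairs = []
    for chunk in re.split(r"[;&]", parts.query):
        if chunk:
            key, _, value = chunk.partition("=")
            pairs.append((key, value))
    return parts.path, pairs


def is_autoindex_sort(target):
    path, pairs = split_target(target)
    return path.endswith("/") and any(k in SORT_PARAMS for k, _ in pairs)


def canonical_directory(target):
    """Collapse every sort variant to the directory it lists."""
    return split_target(target)[0]


def find_crawl_bursts(log_text, window_seconds=60, min_sort_hits=8):
    """Flag clients that request >= min_sort_hits autoindex sort variants
    inside any window_seconds span (sliding window per client)."""
    by_ip = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and is_autoindex_sort(rec["target"]):
            by_ip[rec["ip"]].append(rec)
    findings = {}
    for ip, hits in by_ip.items():
        hits.sort(key=lambda r: r["ts"])
        best, start = 0, 0
        for end in range(len(hits)):
            while (hits[end]["ts"] - hits[start]["ts"]).total_seconds() > window_seconds:
                start += 1
            best = max(best, end - start + 1)
        if best >= min_sort_hits:
            findings[ip] = {
                "sort_hits_in_window": best,
                "distinct_urls": len({r["target"] for r in hits}),
                "distinct_directories": len({canonical_directory(r["target"]) for r in hits}),
            }
    return findings


if __name__ == "__main__":
    for ip, info in find_crawl_bursts(build_sample_log()).items():
        print(ip, info)
```

The ratio of `distinct_urls` to `distinct_directories` is the useful signal: sixteen "unique" URLs that resolve to two directories is exactly the multiplication the spider is exploiting, and it is visible before the server falls over.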

POC

Steps to reproduce the issue:

  1. Install OWASP ZAP (version 2.15.0 or higher).
  2. Set the Spider configuration as follows:
    • Starting Point: https://comfirewall.wegia.org:8000/
    • Recurse: Enabled.
    • Maximum Depth to Crawl: Unlimited (default: 0).
    • Process Forms: Enabled.
  3. Start the Spider and monitor the server behavior.
  4. After a few seconds:
    • The server becomes unresponsive or starts returning HTTP 5xx errors.
    • Logs show repeated requests to resources like bower_components/ckeditor/plugins and dynamic URLs with parameters.

Affected URLs

  • https://comfirewall.wegia.org:8000/WeGIA/html/socio/sistema/controller/bower_components/ckeditor/plugins/balloonpanel/skins/moono-lisa/images/hidpi/?C=M;O=D
  • https://comfirewall.wegia.org:8000/WeGIA/html/socio/sistema/controller/bower_components/select2/src/js/select2/data/?C=M;O=D

Impact

This is a Denial of Service vulnerability. Any unauthenticated user with access to tools like OWASP ZAP can exploit this issue to make the server unresponsive. This affects the availability of the application and could disrupt business operations. The lack of rate limiting and recursive crawling restrictions increases the risk and makes the vulnerability exploitable by low-skilled attackers.
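A server-side countermeasure addressing the three causes the advisory lists (listing of the static dependency tree, unbounded sort variants, no rate limiting), added here as an example and not code from the WeGIA project: a small request guard that refuses directory listings under the `bower_components` tree, answers the autoindex sort variants as if the listing did not exist, and applies a per-client token-bucket limit to everything else. The class, the status codes chosen, the thresholds and the "denied prefixes" tuple are assumptions for illustration; the guard is meant to sit in a reverse proxy or middleware in front of the PHP application.

```python
import re

# mod_autoindex sort variables; the application itself never uses them.
SORT_PARAMS = {"C", "O"}

# Assumption for this example: listings are never needed under the static
# dependency tree named in the advisory, so a request for a directory there is refused.
DENIED_LISTING_PREFIXES = (
    "/WeGIA/html/socio/sistema/controller/bower_components/",
)

REASONS = {403: "Forbidden", 404: "Not Found", 429: "Too Many Requests"}


class RequestGuard:
    """Per-client token bucket plus a policy for directory-listing URLs.
    decide() returns the HTTP status the front end should answer with;
    200 means 'pass the request through to the application'."""

    def __init__(self, rate_per_sec=5.0, burst=20):
        self.rate = rate_per_sec
        self.burst = burst
        self.buckets = {}  # ip -> (tokens, last_seen)

    def _take_token(self, ip, now):
        tokens, last = self.buckets.get(ip, (self.burst, now))
        tokens = min(self.burst, tokens + (now - last) * self.rate)
        if tokens < 1:
            self.buckets[ip] = (tokens, now)
            return False
        self.buckets[ip] = (tokens - 1, now)
        return True

    @staticmethod
    def _query_keys(query):
        # Apache separates query variables with ';' as well as '&'.
        return {chunk.partition("=")[0] for chunk in re.split(r"[;&]", query) if chunk}

    def decide(self, ip, path, query, now):
        is_listing = path.endswith("/")
        # 1. No listings at all under the static tree (files there still pass).
        if is_listing and path.startswith(DENIED_LISTING_PREFIXES):
            return 403
        # 2. Sort variants of any listing collapse to one response: treat as absent.
        if is_listing and self._query_keys(query) & SORT_PARAMS:
            return 404
        # 3. Everything else is subject to the per-client rate limit.
        if not self._take_token(ip, now):
            return 429
        return 200


def wsgi_middleware(app, guard, clock):
    """Wrap a WSGI app; clock() supplies the current time in seconds."""
    def wrapped(environ, start_response):
        ip = environ.get("REMOTE_ADDR", "")
        status = guard.decide(ip, environ.get("PATH_INFO", ""),
                              environ.get("QUERY_STRING", ""), clock())
        if status == 200:
            return app(environ, start_response)
        start_response(f"{status} {REASONS[status]}", [("Content-Type", "text/plain")])
        return [b""]
    return wrapped
```

Checks 1 and 2 run before the bucket is touched, so a crawler's listing requests cost the server nothing beyond a string comparison. On Apache itself the same effect for listings comes from `Options -Indexes` on the static tree, or `IndexOptions IgnoreClient` where listings must stay but client-supplied sort variables should not produce distinct URLs.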

Reference

https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-9rp6-4mqp-g4p8

Finder

Rafael Corvino

Contributors

Diego Castro

Natan Maia Morette

By: CVE-Hunters
