CVE-2026-28409:

Critical Remote Code Execution vulnerability in WeGIA's database restoration functionality prior to version 3.6.5.

Score
A numerical rating that indicates how dangerous this vulnerability is.

7.2High

Published Date:Feb 27, 2026
CISA KEV Date:*No Data*
Industries Affected:20

Threat Predictions

EPSS Score:0.3
EPSS Percentile:53%

Exploitability

Score:1.2
Attack Vector:NETWORK
Attack Complexity:LOW
Privileges Required:HIGH
User Interaction:NONE
Scope:UNCHANGED

Impact

Score:5.9
Confidentiality Impact:HIGH
Integrity Impact:HIGH
Availability Impact:HIGH

Description Preview

Critical Remote Code Execution vulnerability in WeGIA's database restoration functionality prior to version 3.6.5.

Overview

The vulnerability (CVE-2026-28409) in WeGIA affects versions prior to 3.6.5 and is classified as critical with a CVSS v3.1 base score of 10.0. It allows remote code execution through the database restoration feature, enabling an attacker to execute arbitrary OS commands on the server. The attack vector is network-based, requires no user interaction, and has a low attack complexity. The vulnerability can lead to a complete compromise of the system's confidentiality, integrity, and availability. It is associated with CWE-78, which relates to OS Command Injection.

Remediation

To address this vulnerability, users of WeGIA should immediately upgrade to version 3.6.5 or later. This version contains fixes for the Remote Code Execution vulnerability. Additionally, it is crucial to review and strengthen access controls to prevent unauthorized administrative access, especially considering the previously reported Authentication Bypass vulnerability. Implementing additional security measures such as input validation, output encoding, and the principle of least privilege is recommended to further protect against similar vulnerabilities.