Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wget vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-33273
An issue exists in DTS Monitoring 3.57.0. The parameter url within the WGET check function is vulnerable to OS command injection (blind).
Dts Monitoring 3.57.0
9.8
CVSSv3
CVE-2022-45551
An issue discovered in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows malicious users to escalate privileges via WGET command to the Network Diagnosis endpoint.
Zbt We1626 Firmware 21.06.18
5.5
CVSSv3
CVE-2005-1879
LutelWall 0.97 and previous versions allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget.
Lutel Lutelwall
5.5
CVSSv3
CVE-2005-1880
everybuddy 0.4.3 and previous versions allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget.
Everybuddy Everybuddy
8.8
CVSSv3
CVE-2023-43321
File Upload vulnerability in Digital China Networks DCFW-1800-SDC v.3.0 allows an authenticated malicious user to execute arbitrary code via the wget function in the /sbin/cloudadmin.sh component.
Dcnetworks Dcfw-1800-sdc Firmware 3.0
9.8
CVSSv3
CVE-2018-1000517
BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appear...
Busybox Busybox
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
NA
CVE-2001-0849
viralator CGI script in Viralator 0.9pre1 and previous versions allows remote malicious users to execute arbitrary code via a URL for a file being downloaded, which is insecurely passed to a call to wget.
Duncan Hall Viralator 0.7
Duncan Hall Viralator 0.8
Duncan Hall Viralator 0.9 Pre1
NA
CVE-2006-2548
Prodder prior to 0.5, and perlpodder prior to 0.5, allows remote malicious users to execute arbitrary code via shell metacharacters in the URL of a podcast (url attribute of an enclosure tag, or $enc_url variable), which is executed when running wget.
Perlpodder Perlpodder 0.3
Prodder Prodder 0.3
Perlpodder Perlpodder 0.2
Prodder Prodder
Perlpodder Perlpodder
1 EDB exploit
5.9
CVSSv3
CVE-2020-15498
An issue exists on ASUS RT-AC1900P routers prior to 3.0.0.4.385_20253. The router accepts an arbitrary server certificate for a firmware update. The culprit is the --no-check-certificate option passed to wget tool used to download firmware update files.
Asus Rt-ac1900p Firmware
9.8
CVSSv3
CVE-2020-11534
An issue exists in ONLYOFFICE Document Server 5.5.0. An attacker can craft a malicious .docx file, and exploit the NSFileDownloader function to pass parameters to a binary (such as curl or wget) and remotely execute code on a victim's server.
Onlyoffice Document Server 5.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »