Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wget vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-33273
An issue exists in DTS Monitoring 3.57.0. The parameter url within the WGET check function is vulnerable to OS command injection (blind).
Dts Monitoring 3.57.0
9.8
CVSSv3
CVE-2022-45551
An issue discovered in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows malicious users to escalate privileges via WGET command to the Network Diagnosis endpoint.
Zbt We1626 Firmware 21.06.18
5.5
CVSSv3
CVE-2005-1879
LutelWall 0.97 and previous versions allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget.
Lutel Lutelwall
5.5
CVSSv3
CVE-2005-1880
everybuddy 0.4.3 and previous versions allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget.
Everybuddy Everybuddy
8.8
CVSSv3
CVE-2023-43321
File Upload vulnerability in Digital China Networks DCFW-1800-SDC v.3.0 allows an authenticated malicious user to execute arbitrary code via the wget function in the /sbin/cloudadmin.sh component.
Dcnetworks Dcfw-1800-sdc Firmware 3.0
9.8
CVSSv3
CVE-2018-1000517
BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appear...
Busybox Busybox
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
NA
CVE-2001-0849
viralator CGI script in Viralator 0.9pre1 and previous versions allows remote malicious users to execute arbitrary code via a URL for a file being downloaded, which is insecurely passed to a call to wget.
Duncan Hall Viralator 0.7
Duncan Hall Viralator 0.8
Duncan Hall Viralator 0.9 Pre1
NA
CVE-2006-2548
Prodder prior to 0.5, and perlpodder prior to 0.5, allows remote malicious users to execute arbitrary code via shell metacharacters in the URL of a podcast (url attribute of an enclosure tag, or $enc_url variable), which is executed when running wget.
Perlpodder Perlpodder 0.3
Prodder Prodder 0.3
Perlpodder Perlpodder 0.2
Prodder Prodder
Perlpodder Perlpodder
1 EDB exploit
9.8
CVSSv3
CVE-2020-11534
An issue exists in ONLYOFFICE Document Server 5.5.0. An attacker can craft a malicious .docx file, and exploit the NSFileDownloader function to pass parameters to a binary (such as curl or wget) and remotely execute code on a victim's server.
Onlyoffice Document Server 5.5.0
NA
CVE-2006-2550
perlpodder prior to 0.5 allows remote malicious users to execute arbitrary code via shell metacharacters in the URL of a podcast, which are executed when saving the URL to a log file. NOTE: the wget vector is already covered by CVE-2006-2548.
Perlpodder Perlpodder 0.3
Perlpodder Perlpodder
Perlpodder Perlpodder 0.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »