Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wget vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-45815
ArchiveBox is an open source self-hosted web archiving system. Any users who are using the `wget` extractor and view the content it outputs. The impact is potentially severe if you are logged in to the ArchiveBox admin site in the same browser session and view an archived malicio...
Archivebox Archivebox
1 Github repository
NA
CVE-2023-43321
File Upload vulnerability in Digital China Networks DCFW-1800-SDC v.3.0 allows an authenticated malicious user to execute arbitrary code via the wget function in the /sbin/cloudadmin.sh component.
Dcnetworks Dcfw-1800-sdc Firmware 3.0
NA
CVE-2023-33269
An issue exists in DTS Monitoring 3.57.0. The parameter options within the WGET check function is vulnerable to OS command injection (blind).
Dts Monitoring 3.57.0
NA
CVE-2023-33273
An issue exists in DTS Monitoring 3.57.0. The parameter url within the WGET check function is vulnerable to OS command injection (blind).
Dts Monitoring 3.57.0
NA
CVE-2022-45551
An issue discovered in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows malicious users to escalate privileges via WGET command to the Network Diagnosis endpoint.
Zbt We1626 Firmware 21.06.18
NA
CVE-2022-32572
An os command injection vulnerability exists in the aVideoEncoder wget functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability.
Wwbn Avideo 11.6
6.8
CVSSv2
CVE-2020-7879
This issue exists when the ipTIME C200 IP Camera was synchronized with the ipTIME NAS. It is necessary to extract value for ipTIME IP camera because the ipTIME NAS send ans setCookie('[COOKIE]') . The value is transferred to the --header option in wget binary, and there...
Iptime C200 Firmware
5.8
CVSSv2
CVE-2021-31879
GNU Wget up to and including 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.
Gnu Wget
Broadcom Brocade Fabric Operating System Firmware -
Netapp Cloud Backup -
Netapp Ontap Select Deploy Administration Utility -
Netapp A250 Firmware -
Netapp 500f Firmware -
1 Github repository
4.3
CVSSv2
CVE-2020-15498
An issue exists on ASUS RT-AC1900P routers prior to 3.0.0.4.385_20253. The router accepts an arbitrary server certificate for a firmware update. The culprit is the --no-check-certificate option passed to wget tool used to download firmware update files.
Asus Rt-ac1900p Firmware
7.5
CVSSv2
CVE-2020-11534
An issue exists in ONLYOFFICE Document Server 5.5.0. An attacker can craft a malicious .docx file, and exploit the NSFileDownloader function to pass parameters to a binary (such as curl or wget) and remotely execute code on a victim's server.
Onlyoffice Document Server 5.5.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »