Описание
Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host.
Ссылки
EPSS
6.5 Medium
CVSS3
Дефекты
Связанные уязвимости
Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host.
Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host.
GNU Wget is vulnerable to an SSRF attack when accessing partially-user-controlled shorthand URLs
Applications that use Wget to access a remote resource using shorthand ...
EPSS
6.5 Medium
CVSS3