Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-4971

CWE-7310 documents9 sources

Severity

8.8HIGH

EPSS

75.0%

top 1.13%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

GNU Wget Paloaltonetworks Pan-os Canonical Ubuntu Linux +1 more

Timeline

PublishedJun 30

Latest updateMay 13

Description

GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages4 packages

▶NVDgnu/wget< 1.18

▶Debianwget< 1.18-1+3

▶NVDpaloaltonetworks/pan-os6.1.0 — 6.1.16+2

▶NVDoracle/solaris10, 11.3+1

Also affects: Ubuntu Linux 12.04, 14.04, 15.10, 16.04

Patches

Patch: git.savannah.gnu.org ↗Patch: lists.gnu.org ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-5w8p-rj9f-xvj7: GNU wget before 1↗2022-05-13

▶

CVEList

CVE-2016-4971: GNU wget before 1↗2016-06-30

▶

OSV

CVE-2016-4971: GNU wget before 1↗2016-06-30

▶

💥Exploits & PoCs

Exploit-DB

GNU Wget < 1.18 - Arbitrary File Upload (2)↗2021-04-30

▶

Exploit-DB

GNU Wget < 1.18 - Arbitrary File Upload / Remote Code Execution↗2016-07-06

▶

📋Vendor Advisories

Ubuntu

Wget vulnerability↗2016-06-20

▶

Red Hat

wget: Lack of filename checking allows arbitrary file upload via FTP redirect↗2016-06-09

▶

Debian

CVE-2016-4971: wget - GNU wget before 1.18 allows remote servers to write to arbitrary files by redire...↗2016

▶

💬Community

Bugzilla

CVE-2016-4971 wget: Lack of filename checking allows arbitrary file upload via FTP redirect↗2016-06-07

▶