Wget2: gnu wget2: memory corruption and crash via filename sanitization logic with attacker-controlled urls

A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. A remote attacker can exploit this by providing a specially crafted URL, which, upon user interaction with wget2, can lead to memory corruption. This can cause the application to crash and potentially allow for further malicious activities.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

栈缓冲区溢出

GNU Wget2 安全漏洞

GNU Wget2是美国GNU社区的一个网络下载工具。 GNU Wget2存在安全漏洞，该漏洞源于处理特制URL路径时存在栈缓冲区溢出，可能导致内存损坏。

N/A

N/A