Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Wget2: gnu wget2: memory corruption and crash via filename sanitization logic with attacker-controlled urls
Vulnerability Description
A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. A remote attacker can exploit this by providing a specially crafted URL, which, upon user interaction with wget2, can lead to memory corruption. This can cause the application to crash and potentially allow for further malicious activities.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
Vulnerability Type
栈缓冲区溢出
Vulnerability Title
GNU Wget2 安全漏洞
Vulnerability Description
GNU Wget2是美国GNU社区的一个网络下载工具。 GNU Wget2存在安全漏洞,该漏洞源于处理特制URL路径时存在栈缓冲区溢出,可能导致内存损坏。
CVSS Information
N/A
Vulnerability Type
N/A