#VU93077 Input validation error in wget


Published: 2024-06-22

Vulnerability identifier: #VU93077

Vulnerability risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38428

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
wget
Server applications / File servers (FTP/HTTP)

Vendor: GNU

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to improper input validation of URL when parsing strings with semicolons within the scheme_leading_string() function in url.c. A remote attacker can pass a specially crafted URL to the application and influence its behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

wget: 1.5.3 - 1.24.5

External links
http://lists.gnu.org/archive/html/bug-wget/2024-06/msg00005.html
http://git.savannah.gnu.org/cgit/wget.git/commit/?id=ed0c7c7e0e8f7298352646b2fd6e06a11e242ace

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Red Hat OpenShift Dev Spaces
Multiple vulnerabilities in OpenShift Virtualization 4.15
Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.13
Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.12
Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.12
Red Hat Enterprise Linux 8 update for wget
SUSE update for wget
Ubuntu update for wget
openEuler update for wget
SUSE update for wget