216.73.217.80

CVE-2024-10524

· Published 19/11/2024 15:15 · Modified 21/11/2024 08:48

Labels: CVE-2024-10524 2024-11-19CVE-2024-10524CWE-918[email protected]

Essential information

Published
19/11/2024 15:15
Modified
21/11/2024 08:48
Author
Creator
CVSS
6.5 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L

CVSS metrics

Description

Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References