url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent.
Published: 2024-06-16
CVSS: 9.1
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Download Exploit for CVE-2024-38428 here:
Use Tor Browser to access .onion links.
Check our team here:
https://wednesfieldacademy.com/exploit-1015-cve-2022-48618/
