url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent.
Published: 2024-06-16
CVSS: 9.1
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Download Exploit for CVE-2024-38428 here:
Tip: Download official Tor Browser at https://www.torproject.org/download/ to access .onion links.
https://augustaverburg.nl/exploit-240-cve-2025-4330/
https://augustaverburg.nl/exploit-91-cve-2019-1405/
https://augustaverburg.nl/exploit-233-cve-2025-40909/
https://augustaverburg.nl/exploit-734-cve-2022-45047/