CVE-2014-4877

GNU Wget < 1.16 - Absolute Path Traversal via FTP LIST Response Symlink Handling

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-4877. PoCs published by hdm, including Metasploit module auxiliary/server/wget_symlink_file_write.

AI-analyzed exploit summary: This Metasploit module exploits a vulnerability in GNU Wget (CVE-2014-4877) by setting up a malicious FTP server that uses symlinks to write arbitrary files to the target filesystem. It leverages Wget's recursive mode to trick the client into writing data to unintended locations.

Description

Absolute path traversal vulnerability in GNU Wget before 1.16, when recursion is enabled, allows remote FTP servers to write to arbitrary files, and consequently execute arbitrary code, via a LIST response that references the same filename within two entries, one of which indicates that the filename is for a symlink.

Exploits (1)

metasploit · WORKING POC
by hdm · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/server/wget_symlink_file_write.rb

Classification: Working PoC 100%
Attack Type: Other
Complexity: Moderate
Reliability: Reliable
Target: GNU Wget versions prior to 1.16
Authentication: No auth needed
Prerequisites: Target must use Wget in recursive mode (-r) to connect to the attacker's FTP server
devstral-2 · analyzed Feb 16, 2026

References (22)

Core References
Third Party Advisory (vendor-advisory, x_refsource_gentoo): http://security.gentoo.org/glsa/glsa-201411-05.xml
Vendor Advisory (vendor-advisory, x_refsource_mandriva): http://www.mandriva.com/security/advisories?name=MDVSA-2015:121
Third Party Advisory (vendor-advisory, x_refsource_debian): http://www.debian.org/security/2014/dsa-3062
Patch, US Government Resource (third-party-advisory, x_refsource_cert-vn): http://www.kb.cert.org/vuls/id/685996
Mailing List (vendor-advisory, x_refsource_suse): http://lists.opensuse.org/opensuse-updates/2014-11/msg00026.html
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_bid): http://www.securityfocus.com/bid/70751
Third Party Advisory (x_refsource_confirm): http://advisories.mageia.org/MGASA-2014-0431.html
Vendor Advisory (vendor-advisory, x_refsource_redhat): http://rhn.redhat.com/errata/RHSA-2014-1955.html
Vendor Advisory (vendor-advisory, x_refsource_redhat): http://rhn.redhat.com/errata/RHSA-2014-1764.html
Vendor Advisory (vendor-advisory, x_refsource_ubuntu): http://www.ubuntu.com/usn/USN-2393-1

Scores

EPSS 0.3988
EPSS Percentile 98.4%

Details

CWE: CWE-22
Status: published
Products (8):
gnu/wget 1.12
gnu/wget 1.13
gnu/wget 1.13.1
gnu/wget 1.13.2
gnu/wget 1.13.3
gnu/wget 1.13.4
gnu/wget 1.14
gnu/wget < 1.15
Published: Oct 29, 2014
Tracked Since: Feb 18, 2026