CVE-2025-69194

HIGH

GNU Wget2 < 2.2.1 - Path Traversal via Metalink File Name Element

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-69194. PoCs published by secdongle.

AI-analyzed exploit summary: This repository contains a functional proof-of-concept exploit for CVE-2025-69194, a path traversal vulnerability in GNU Wget2 <= 2.2.0. The exploit leverages a malicious Metalink file to achieve arbitrary file write/overwrite, potentially leading to remote code execution.

Description

A security issue was discovered in GNU Wget2 when handling Metalink documents. The application fails to properly validate file paths provided in Metalink <file name> elements. An attacker can abuse this behavior to write files to unintended locations on the system. This can lead to data loss or potentially allow further compromise of the user’s environment.

Exploits (1)

nomisec WORKING POC 1 stars
by secdongle · poc
https://github.com/secdongle/POC_CVE-2025-69194

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: GNU Wget2 <= 2.2.0
No auth needed
Prerequisites: GNU Wget2 <= 2.2.0 compiled with Metalink support · Victim must execute wget2 with --force-metalink option
devstral-2 · analyzed Feb 19, 2026

References (2)

Core References
Vendor Advisory vdb-entry x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2025-69194
Issue Tracking issue-tracking x_refsource_redhat
https://bugzilla.redhat.com/show_bug.cgi?id=2425773

Scores

CVSS v3 8.8
EPSS 0.0071
EPSS Percentile 48.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE CWE-22
Status published
Products (1)
gnu/wget2 < 2.2.1
Published Jan 09, 2026
Tracked Since Feb 18, 2026