Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-8v5w-xx4w-fyc3

Summary

Multiple vulnerabilities have been found in Wget, the worst of
    which could lead to the remote execution of arbitrary code.

Aliases

alias	CVE-2016-4971

Fixed_packages

url	pkg:apk/alpine/wget@1.17.1-r1?arch=armhf&distroversion=v3.4&reponame=main
purl	pkg:apk/alpine/wget@1.17.1-r1?arch=armhf&distroversion=v3.4&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wget@1.17.1-r1%3Farch=armhf&distroversion=v3.4&reponame=main

url	pkg:apk/alpine/wget@1.17.1-r1?arch=x86&distroversion=v3.4&reponame=main
purl	pkg:apk/alpine/wget@1.17.1-r1?arch=x86&distroversion=v3.4&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wget@1.17.1-r1%3Farch=x86&distroversion=v3.4&reponame=main

url	pkg:apk/alpine/wget@1.17.1-r1?arch=x86_64&distroversion=v3.4&reponame=main
purl	pkg:apk/alpine/wget@1.17.1-r1?arch=x86_64&distroversion=v3.4&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wget@1.17.1-r1%3Farch=x86_64&distroversion=v3.4&reponame=main

url	pkg:deb/debian/wget@1.18-1?distro=trixie
purl	pkg:deb/debian/wget@1.18-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.18-1%3Fdistro=trixie

url pkg:deb/debian/wget@1.18-5%2Bdeb9u3

purl pkg:deb/debian/wget@1.18-5%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b4sh-m4q3-8fd3

vulnerability	VCID-cjxy-4u1b-kyht

vulnerability	VCID-qtqz-p2a8-ykcv

vulnerability	VCID-qwxx-kuek-j3fu

vulnerability	VCID-um8z-unc6-bqhf

vulnerability	VCID-v7yu-hy66-gyh4

vulnerability	VCID-yyf4-yz4z-rugu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.18-5%252Bdeb9u3

url pkg:deb/debian/wget@1.21-1%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/wget@1.21-1%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-q53y-6aup-17gk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.21-1%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/wget@1.21.3-1%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/wget@1.21.3-1%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-q53y-6aup-17gk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.21.3-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/wget@1.25.0-2?distro=trixie
purl	pkg:deb/debian/wget@1.25.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.25.0-2%3Fdistro=trixie

url	pkg:ebuild/net-misc/wget@1.18
purl	pkg:ebuild/net-misc/wget@1.18
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/net-misc/wget@1.18

Affected_packages

url pkg:deb/debian/wget@1.4.5-0.1

purl pkg:deb/debian/wget@1.4.5-0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4drq-2td7-akbk

vulnerability	VCID-5u23-3wxr-27du

vulnerability	VCID-8v5w-xx4w-fyc3

vulnerability	VCID-b4sh-m4q3-8fd3

vulnerability	VCID-cjxy-4u1b-kyht

vulnerability	VCID-fbj7-rc7e-mkgh

vulnerability	VCID-fuw5-1kwb-tyck

vulnerability	VCID-h2ee-geak-xqfv

vulnerability	VCID-p2rg-34nt-dbc1

vulnerability	VCID-pbm5-fnnd-d3bw

vulnerability	VCID-pvwa-watz-dfh9

vulnerability	VCID-qtqz-p2a8-ykcv

vulnerability	VCID-qwxx-kuek-j3fu

vulnerability	VCID-smv5-udwt-5qcq

vulnerability	VCID-txw8-ve2p-vubh

vulnerability	VCID-um8z-unc6-bqhf

vulnerability	VCID-v7yu-hy66-gyh4

vulnerability	VCID-yyf4-yz4z-rugu

vulnerability	VCID-zsab-gux6-eyh6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.4.5-0.1

url pkg:deb/debian/wget@1.5.3-1.1

purl pkg:deb/debian/wget@1.5.3-1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4drq-2td7-akbk

vulnerability	VCID-5u23-3wxr-27du

vulnerability	VCID-8v5w-xx4w-fyc3

vulnerability	VCID-b4sh-m4q3-8fd3

vulnerability	VCID-cjxy-4u1b-kyht

vulnerability	VCID-fbj7-rc7e-mkgh

vulnerability	VCID-fuw5-1kwb-tyck

vulnerability	VCID-h2ee-geak-xqfv

vulnerability	VCID-p2rg-34nt-dbc1

vulnerability	VCID-pbm5-fnnd-d3bw

vulnerability	VCID-pvwa-watz-dfh9

vulnerability	VCID-qtqz-p2a8-ykcv

vulnerability	VCID-qwxx-kuek-j3fu

vulnerability	VCID-smv5-udwt-5qcq

vulnerability	VCID-txw8-ve2p-vubh

vulnerability	VCID-um8z-unc6-bqhf

vulnerability	VCID-v7yu-hy66-gyh4

vulnerability	VCID-yyf4-yz4z-rugu

vulnerability	VCID-zsab-gux6-eyh6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.5.3-1.1

url pkg:deb/debian/wget@1.5.3-3

purl pkg:deb/debian/wget@1.5.3-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4drq-2td7-akbk

vulnerability	VCID-5u23-3wxr-27du

vulnerability	VCID-8v5w-xx4w-fyc3

vulnerability	VCID-b4sh-m4q3-8fd3

vulnerability	VCID-cjxy-4u1b-kyht

vulnerability	VCID-fbj7-rc7e-mkgh

vulnerability	VCID-fuw5-1kwb-tyck

vulnerability	VCID-h2ee-geak-xqfv

vulnerability	VCID-p2rg-34nt-dbc1

vulnerability	VCID-pbm5-fnnd-d3bw

vulnerability	VCID-pvwa-watz-dfh9

vulnerability	VCID-qtqz-p2a8-ykcv

vulnerability	VCID-qwxx-kuek-j3fu

vulnerability	VCID-smv5-udwt-5qcq

vulnerability	VCID-txw8-ve2p-vubh

vulnerability	VCID-um8z-unc6-bqhf

vulnerability	VCID-v7yu-hy66-gyh4

vulnerability	VCID-yyf4-yz4z-rugu

vulnerability	VCID-zsab-gux6-eyh6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.5.3-3

url pkg:deb/debian/wget@1.8.1-6.1

purl pkg:deb/debian/wget@1.8.1-6.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4drq-2td7-akbk

vulnerability	VCID-5u23-3wxr-27du

vulnerability	VCID-8v5w-xx4w-fyc3

vulnerability	VCID-b4sh-m4q3-8fd3

vulnerability	VCID-cjxy-4u1b-kyht

vulnerability	VCID-fbj7-rc7e-mkgh

vulnerability	VCID-fuw5-1kwb-tyck

vulnerability	VCID-h2ee-geak-xqfv

vulnerability	VCID-p2rg-34nt-dbc1

vulnerability	VCID-pbm5-fnnd-d3bw

vulnerability	VCID-pvwa-watz-dfh9

vulnerability	VCID-qtqz-p2a8-ykcv

vulnerability	VCID-qwxx-kuek-j3fu

vulnerability	VCID-smv5-udwt-5qcq

vulnerability	VCID-txw8-ve2p-vubh

vulnerability	VCID-um8z-unc6-bqhf

vulnerability	VCID-v7yu-hy66-gyh4

vulnerability	VCID-yyf4-yz4z-rugu

vulnerability	VCID-zsab-gux6-eyh6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.8.1-6.1

url pkg:deb/debian/wget@1.9.1-12

purl pkg:deb/debian/wget@1.9.1-12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4drq-2td7-akbk

vulnerability	VCID-5u23-3wxr-27du

vulnerability	VCID-8v5w-xx4w-fyc3

vulnerability	VCID-b4sh-m4q3-8fd3

vulnerability	VCID-cjxy-4u1b-kyht

vulnerability	VCID-fbj7-rc7e-mkgh

vulnerability	VCID-h2ee-geak-xqfv

vulnerability	VCID-qtqz-p2a8-ykcv

vulnerability	VCID-qwxx-kuek-j3fu

vulnerability	VCID-smv5-udwt-5qcq

vulnerability	VCID-um8z-unc6-bqhf

vulnerability	VCID-v7yu-hy66-gyh4

vulnerability	VCID-yyf4-yz4z-rugu

vulnerability	VCID-zsab-gux6-eyh6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.9.1-12

url pkg:deb/debian/wget@1.10.2-2

purl pkg:deb/debian/wget@1.10.2-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5u23-3wxr-27du

vulnerability	VCID-8v5w-xx4w-fyc3

vulnerability	VCID-b4sh-m4q3-8fd3

vulnerability	VCID-cjxy-4u1b-kyht

vulnerability	VCID-fbj7-rc7e-mkgh

vulnerability	VCID-h2ee-geak-xqfv

vulnerability	VCID-qtqz-p2a8-ykcv

vulnerability	VCID-qwxx-kuek-j3fu

vulnerability	VCID-smv5-udwt-5qcq

vulnerability	VCID-um8z-unc6-bqhf

vulnerability	VCID-v7yu-hy66-gyh4

vulnerability	VCID-yyf4-yz4z-rugu

vulnerability	VCID-zsab-gux6-eyh6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.10.2-2

url pkg:deb/debian/wget@1.10.2-2%2Betch1

purl pkg:deb/debian/wget@1.10.2-2%2Betch1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5u23-3wxr-27du

vulnerability	VCID-8v5w-xx4w-fyc3

vulnerability	VCID-b4sh-m4q3-8fd3

vulnerability	VCID-cjxy-4u1b-kyht

vulnerability	VCID-fbj7-rc7e-mkgh

vulnerability	VCID-h2ee-geak-xqfv

vulnerability	VCID-qtqz-p2a8-ykcv

vulnerability	VCID-qwxx-kuek-j3fu

vulnerability	VCID-smv5-udwt-5qcq

vulnerability	VCID-um8z-unc6-bqhf

vulnerability	VCID-v7yu-hy66-gyh4

vulnerability	VCID-yyf4-yz4z-rugu

vulnerability	VCID-zsab-gux6-eyh6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.10.2-2%252Betch1

url pkg:deb/debian/wget@1.11.4-2%2Blenny2

purl pkg:deb/debian/wget@1.11.4-2%2Blenny2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5u23-3wxr-27du

vulnerability	VCID-8v5w-xx4w-fyc3

vulnerability	VCID-b4sh-m4q3-8fd3

vulnerability	VCID-cjxy-4u1b-kyht

vulnerability	VCID-fbj7-rc7e-mkgh

vulnerability	VCID-h2ee-geak-xqfv

vulnerability	VCID-qtqz-p2a8-ykcv

vulnerability	VCID-qwxx-kuek-j3fu

vulnerability	VCID-smv5-udwt-5qcq

vulnerability	VCID-um8z-unc6-bqhf

vulnerability	VCID-v7yu-hy66-gyh4

vulnerability	VCID-yyf4-yz4z-rugu

vulnerability	VCID-zsab-gux6-eyh6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.11.4-2%252Blenny2

url pkg:deb/debian/wget@1.12-2.1

purl pkg:deb/debian/wget@1.12-2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5u23-3wxr-27du

vulnerability	VCID-8v5w-xx4w-fyc3

vulnerability	VCID-b4sh-m4q3-8fd3

vulnerability	VCID-cjxy-4u1b-kyht

vulnerability	VCID-qtqz-p2a8-ykcv

vulnerability	VCID-qwxx-kuek-j3fu

vulnerability	VCID-smv5-udwt-5qcq

vulnerability	VCID-um8z-unc6-bqhf

vulnerability	VCID-v7yu-hy66-gyh4

vulnerability	VCID-yyf4-yz4z-rugu

vulnerability	VCID-zsab-gux6-eyh6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.12-2.1

url pkg:deb/debian/wget@1.12-2.1%2Bdeb6u1

purl pkg:deb/debian/wget@1.12-2.1%2Bdeb6u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5u23-3wxr-27du

vulnerability	VCID-8v5w-xx4w-fyc3

vulnerability	VCID-b4sh-m4q3-8fd3

vulnerability	VCID-cjxy-4u1b-kyht

vulnerability	VCID-qtqz-p2a8-ykcv

vulnerability	VCID-qwxx-kuek-j3fu

vulnerability	VCID-smv5-udwt-5qcq

vulnerability	VCID-um8z-unc6-bqhf

vulnerability	VCID-v7yu-hy66-gyh4

vulnerability	VCID-yyf4-yz4z-rugu

vulnerability	VCID-zsab-gux6-eyh6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.12-2.1%252Bdeb6u1

url pkg:deb/debian/wget@1.13.4-3%2Bdeb7u2

purl pkg:deb/debian/wget@1.13.4-3%2Bdeb7u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8v5w-xx4w-fyc3

vulnerability	VCID-b4sh-m4q3-8fd3

vulnerability	VCID-cjxy-4u1b-kyht

vulnerability	VCID-qtqz-p2a8-ykcv

vulnerability	VCID-qwxx-kuek-j3fu

vulnerability	VCID-smv5-udwt-5qcq

vulnerability	VCID-um8z-unc6-bqhf

vulnerability	VCID-v7yu-hy66-gyh4

vulnerability	VCID-yyf4-yz4z-rugu

vulnerability	VCID-zsab-gux6-eyh6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.13.4-3%252Bdeb7u2

url pkg:deb/debian/wget@1.16-1

purl pkg:deb/debian/wget@1.16-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8v5w-xx4w-fyc3

vulnerability	VCID-b4sh-m4q3-8fd3

vulnerability	VCID-cjxy-4u1b-kyht

vulnerability	VCID-qtqz-p2a8-ykcv

vulnerability	VCID-qwxx-kuek-j3fu

vulnerability	VCID-smv5-udwt-5qcq

vulnerability	VCID-um8z-unc6-bqhf

vulnerability	VCID-v7yu-hy66-gyh4

vulnerability	VCID-yyf4-yz4z-rugu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.16-1

url pkg:deb/debian/wget@1.16-1%2Bdeb8u5

purl pkg:deb/debian/wget@1.16-1%2Bdeb8u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8v5w-xx4w-fyc3

vulnerability	VCID-b4sh-m4q3-8fd3

vulnerability	VCID-cjxy-4u1b-kyht

vulnerability	VCID-qtqz-p2a8-ykcv

vulnerability	VCID-qwxx-kuek-j3fu

vulnerability	VCID-smv5-udwt-5qcq

vulnerability	VCID-um8z-unc6-bqhf

vulnerability	VCID-v7yu-hy66-gyh4

vulnerability	VCID-yyf4-yz4z-rugu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/wget@1.16-1%252Bdeb8u5

url pkg:rpm/redhat/wget@1.14-13?arch=el7

purl pkg:rpm/redhat/wget@1.14-13?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8v5w-xx4w-fyc3

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/wget@1.14-13%3Farch=el7

References

reference_url	http://git.savannah.gnu.org/cgit/wget.git/commit/?id=e996e322ffd42aaa051602da182d03178d0f13e1
reference_id
reference_type
scores
url	http://git.savannah.gnu.org/cgit/wget.git/commit/?id=e996e322ffd42aaa051602da182d03178d0f13e1

reference_url	http://lists.gnu.org/archive/html/info-gnu/2016-06/msg00004.html
reference_id
reference_type
scores
url	http://lists.gnu.org/archive/html/info-gnu/2016-06/msg00004.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-08/msg00043.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-08/msg00043.html

reference_url	http://packetstormsecurity.com/files/162395/GNU-wget-Arbitrary-File-Upload-Code-Execution.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/162395/GNU-wget-Arbitrary-File-Upload-Code-Execution.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-2587.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-2587.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4971.json

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4971.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-4971

reference_id

reference_type

scores

value	0.74996
scoring_system	epss
scoring_elements	0.9886
published_at	2026-04-01T12:55:00Z

value	0.74996
scoring_system	epss
scoring_elements	0.98874
published_at	2026-04-18T12:55:00Z

value	0.74996
scoring_system	epss
scoring_elements	0.9887
published_at	2026-04-12T12:55:00Z

value	0.74996
scoring_system	epss
scoring_elements	0.98871
published_at	2026-04-13T12:55:00Z

value	0.74996
scoring_system	epss
scoring_elements	0.98873
published_at	2026-04-16T12:55:00Z

value	0.74996
scoring_system	epss
scoring_elements	0.98861
published_at	2026-04-02T12:55:00Z

value	0.74996
scoring_system	epss
scoring_elements	0.98863
published_at	2026-04-04T12:55:00Z

value	0.74996
scoring_system	epss
scoring_elements	0.98865
published_at	2026-04-07T12:55:00Z

value	0.74996
scoring_system	epss
scoring_elements	0.98866
published_at	2026-04-09T12:55:00Z

value	0.74996
scoring_system	epss
scoring_elements	0.98869
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-4971

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4971
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4971

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://security.paloaltonetworks.com/CVE-2016-4971
reference_id
reference_type
scores
url	https://security.paloaltonetworks.com/CVE-2016-4971

reference_url	https://www.exploit-db.com/exploits/40064/
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/40064/

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html

reference_url	http://www.securityfocus.com/bid/91530
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/91530

reference_url	http://www.securitytracker.com/id/1036133
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1036133

reference_url	http://www.ubuntu.com/usn/USN-3012-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-3012-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1343666
reference_id	1343666
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1343666

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827003
reference_id	827003
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827003

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:wget::::::::
reference_id	cpe:2.3:a:gnu:wget::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:wget::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:::::::*
reference_id	cpe:2.3:o:oracle:solaris:10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:::::::*
reference_id	cpe:2.3:o:oracle:solaris:11.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:paloaltonetworks:pan-os::::::::
reference_id	cpe:2.3:o:paloaltonetworks:pan-os::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:paloaltonetworks:pan-os::::::::

reference_url	http://legalhackers.com/advisories/Wget-Arbitrary-File-Upload-Vulnerability-Exploit.txt
reference_id	CVE-2016-4971
reference_type	exploit
scores
url	http://legalhackers.com/advisories/Wget-Arbitrary-File-Upload-Vulnerability-Exploit.txt

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/40064.txt
reference_id	CVE-2016-4971
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/40064.txt

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/49815.py
reference_id	CVE-2016-4971
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/49815.py

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-4971

reference_id

CVE-2016-4971

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-4971

reference_url	https://security.gentoo.org/glsa/201610-11
reference_id	GLSA-201610-11
reference_type
scores
url	https://security.gentoo.org/glsa/201610-11

reference_url	https://access.redhat.com/errata/RHSA-2016:2587
reference_id	RHSA-2016:2587
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2587

reference_url	https://usn.ubuntu.com/3012-1/
reference_id	USN-3012-1
reference_type
scores
url	https://usn.ubuntu.com/3012-1/

Weaknesses

cwe_id	73
name	External Control of File Name or Path
description	The product allows user input to control or influence paths or file names that are used in filesystem operations.

Exploits

date_added	2016-07-06
description	GNU Wget < 1.18 - Arbitrary File Upload / Remote Code Execution
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`true`
source_date_published	2016-07-06
exploit_type	remote
platform	linux
source_date_updated	2016-07-06
data_source	Exploit-DB
source_url	http://legalhackers.com/advisories/Wget-Arbitrary-File-Upload-Vulnerability-Exploit.txt

Severity_range_score 4.3 - 8.8

Exploitability 2.0

Weighted_severity 7.9

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8v5w-xx4w-fyc3

Vulnerability Instance