AI Cyberspace

Jul 8, 2016 · Information Security

How CVE‑2016‑4971 Lets Attackers Hijack wget to Install Rootkits

The CVE‑2016‑4971 vulnerability in older wget versions allows attackers to redirect HTTP downloads to malicious FTP resources, causing hidden .bash_profile files to be written and executed, which can grant full host compromise and rootkit installation.