wget vulnerability

The wget vulnerability tag covers a specific parsing flaw in BusyBox's wget client, tracked as CVE-2025-60876. This medium-severity issue allows specially crafted URLs to embed raw control characters and spaces in the HTTP request-target, enabling request smuggling and header injection. The vulnerability affects wget shipped with BusyBox through version 1.3.7. Discussions on WindowsForum.com focus on the technical details of the flaw, its impact on systems using BusyBox, and potential mitigation steps. This tag is relevant for users and administrators concerned with security vulnerabilities in network utilities, particularly those involving HTTP request manipulation and BusyBox-based environments.