wget Arbitrary File upload and Remote code execution wget wget is a GNU’s command line tool used for retrieving files using HTTP, HTTPS, and FTP and other Internet Protocols. This vulnerability is present in wget versions before 1.18. Prior to version 1.18 if wget is supplied with a malicious url it can be tricked into saving arbitrary remote files supplied by the attacker. This when exploited can also lead to root privilege escalation and other vulnerability.