This is already known as CVE-2018-1000500
This is what upstream did:
https://git.busybox.net/busybox/commit/networking/wget.c?id=0972c7f7a570c38edb68e1c60a45614b7a7c7d55
This is already known as CVE-2018-1000500
This is what upstream did:
https:/ /git.busybox. net/busybox/ commit/ networking/ wget.c? id=0972c7f7a570 c38edb68e1c60a4 5614b7a7c7d55