wget versions 1.8 and below allow for arbitrary overwriting, creating, and appending to files on the underlying system with the permissions of the user executing the binary. The files to be written to can be anywhere regardless of what the end user has requested. The primary flaw is a failure to sanitize redirection data.
1be8cddd71aff948bf1e3a1902aa0ce2fa4a77c5d800966d1b956c4a162900a8
Proof of concept exploit for the wget directory traversal vulnerability that affects versions 1.8 and below.
4f69b0514c0819b845039ad1a0f2bd0421f909a68ea1db660bb1e9897cb59032