Medium severity5.3NVD Advisory· Published Dec 27, 2015· Updated May 6, 2026

CVE-2015-7665

Description

Tails before 1.7 includes the wget program but does not prevent automatic fallback from passive FTP to active FTP, which allows remote FTP servers to discover the Tor client IP address by reading a (1) PORT or (2) EPRT command. NOTE: within wget itself, the automatic fallback is not considered a vulnerability by CVE.

Affected products

Tails Project/Tails
cpe:2.3:o:tails_project:tails:*:*:*:*:*:*:*:*
Range: <=1.6

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

tails.boum.org/news/version_1.7/index.en.htmlnvdVendor Advisory
git.savannah.gnu.org/cgit/wget.git/commit/nvd
www.openwall.com/lists/oss-security/2015/10/01/10nvd
www.securityfocus.com/bid/76678nvd
labs.riseup.net/code/issues/10364nvd
lists.gnu.org/archive/html/bug-wget/2015-08/msg00020.htmlnvd
mailman.boum.org/pipermail/tails-dev/2015-August/009370.htmlnvd
mailman.boum.org/pipermail/tails-dev/2015-October/009591.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.345
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000