Wget was reported to have a security vulnerability CVE-2014-4877. When Wget is used for recursion download of an FTP site, attackers can craft a malicious symlink file to trigger the vulnerability. Then, the attackers can create arbitrary files, directories, or symlinks and set access permissions in the Wget user system.
How to fix
Upgrade Wget to 1.16 or a later version through the official channel.