A flaw was found in Nmap before 7.70. A directory traversal vulnerability in the way the non-default http-fetch script sanitized URLs. If a user manually ran this NSE script with against a malicious web server, the server could potentially (depending on NSE arguments used) cause files to be saved outside the intended destination directory. Existing files couldn't be overwritten.
Created nmap tracking bugs for this issue:
Affects: fedora-all [bug 1560006]