Comment by GistNoesis

cURL is a complex beast, it handles plenty of various network protocols, and does it in low-level c, therefore has a lot of potential for exploits if there is a bug like wrongly formatted strings, or buffer overflows. It's a nest for zero-days.

The code is available to anyone to look for such bugs, even the kids with ego problems (aka the hackers). Hackers like curl because it's a nice tool that indeed help them a lot.

Everyone uses curl, willingly or not, embedded by another library which needs some network protocol. Pass a filename that starts with "protocol://... " to any buggy program that will try to open it, and then one branch somewhere inside libcurl will get called. If you give the right magic string, you get a remote shell.