An issue was discovered in ssl.c in Axel before 2.17.8. The TLS implementation lacks hostname verification.