Lucene search
K

17 matches found

Nuclei
Nuclei
added yesterday66 views

UnRaid <=6.80 - Remote Code Execution

UnRaid =6.80 allows remote unauthenticated attackers to execute arbitrary code. id: CVE-2020-5847 info: name: UnRaid =6.80 - Remote Code Execution author: madrobot severity: critical description: UnRaid =6.80 allows remote unauthenticated attackers to execute arbitrary code. impact: |...

10CVSS7.2AI score0.95844EPSS
Exploits8References5
OpenVAS
OpenVAS
added 2025/01/31 12:0 a.m.10 views

Unraid OS < 6.8.1 Web UI RCE Vulnerability - Version Check

Unraid OS is prone to a remote code execution RCE vulnerability in the Web UI. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS8.9AI score0.95844EPSS
Exploits8References4
Check Point Advisories
Check Point Advisories
added 2021/11/30 12:0 a.m.21 views

Unraid Remote Code Execution (CVE-2020-5847; CVE-2020-5849)

A remote code execution vulnerability exists in Unraid. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.6AI score0.95844EPSS
Exploits8
CISA KEV Catalog
CISA KEV Catalog
added 2021/11/03 12:0 a.m.10 views

Unraid Authentication Bypass Vulnerability

Unraid contains an authentication bypass vulnerability that allows attackers to gain access to the administrative interface. This CVE is chainable with CVE-2020-5847 for remote code execution...

10CVSS9.5AI score0.95844EPSS
In wildExploits8
Saint
Saint
added 2020/04/30 12:0 a.m.220 views

Unraid webGui remote code execution

Added: 04/30/2020 CVE: CVE-2020-5847 Background Unraid is a network-attached storage operating system. It runs a web-based graphical user interface webGui written in PHP. Problem The Unraid webGui uses the PHP extract function to load all GET parameters into the application as variables, allowing...

10CVSS9.7AI score0.95844EPSS
Exploits8
Saint
Saint
added 2020/04/30 12:0 a.m.144 views

Unraid webGui remote code execution

Added: 04/30/2020 CVE: CVE-2020-5847 Background Unraid is a network-attached storage operating system. It runs a web-based graphical user interface webGui written in PHP. Problem The Unraid webGui uses the PHP extract function to load all GET parameters into the application as variables, allowing...

10CVSS8.9AI score0.95844EPSS
Exploits8
Saint
Saint
added 2020/04/30 12:0 a.m.36 views

Unraid webGui remote code execution

Added: 04/30/2020 CVE: CVE-2020-5847 Background Unraid is a network-attached storage operating system. It runs a web-based graphical user interface webGui written in PHP. Problem The Unraid webGui uses the PHP extract function to load all GET parameters into the application as variables, allowing...

10CVSS8.9AI score0.95844EPSS
Exploits8
Exploit DB
Exploit DB
added 2020/04/20 12:0 a.m.210 views

Unraid 6.8.0 - Auth Bypass PHP Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unraid 6.8.0 Auth Bypass PHP Code Execution', 'Description' = %q This module exploits two vulnerabilities affecting Unraid 6.8.0. An authenticati...

8.7AI score
Exploits0
0day.today
0day.today
added 2020/04/18 12:0 a.m.44 views

Unraid 6.8.0 Authentication Bypass / Arbitrary Code Execution Exploit

This Metasploit module exploits two vulnerabilities affecting Unraid 6.8.0. An authentication bypass is used to gain access to the administrative interface, and an insecure use of the extract PHP function can be abused for arbitrary code execution as root. This module requires Metasploit:...

10CVSS0.8AI score0.95844EPSS
Exploits8
Packet Storm
Packet Storm
added 2020/04/17 12:0 a.m.131 views

Unraid 6.8.0 Authentication Bypass / Arbitrary Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unraid 6.8.0 Auth Bypass PHP Code Execution', 'Description' = %q This module exploits two vulnerabilities affecting Unraid 6.8.0. An authenticati...

10CVSS1.2AI score0.95844EPSS
Exploits8
Circl
Circl
added 2020/04/16 10:27 p.m.16 views

CVE-2020-5847

creationtimestamp| type| source ---|---|--- 2020-04-16 22:27:58+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/unraidauthbypassexec.rb 2020-04-20 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48353 2021-11-08 08:58:20+00:00|...

10CVSS7AI score0.95844EPSS
In wildExploits8References9
Metasploit
Metasploit
added 2020/03/21 10:44 a.m.86 views

Unraid 6.8.0 Auth Bypass PHP Code Execution

This module exploits two vulnerabilities affecting Unraid 6.8.0. An authentication bypass is used to gain access to the administrative interface, and an insecure use of the extract PHP function can be abused for arbitrary code execution as root. This module requires Metasploit:...

9.8CVSS9.6AI score0.95844EPSS
Exploits8
NVD
NVD
added 2020/03/16 6:15 p.m.11 views

CVE-2020-5847

Unraid through 6.8.0 allows Remote Code Execution...

10CVSS9.7AI score0.95844EPSS
Exploits8References5
Vulnrichment
Vulnrichment
added 2020/03/16 5:23 p.m.6 views

CVE-2020-5847

Unraid through 6.8.0 allows Remote Code Execution...

9.7AI score0.95844EPSS
Exploits8References4
Cvelist
Cvelist
added 2020/03/16 5:23 p.m.23 views

CVE-2020-5847

Unraid through 6.8.0 allows Remote Code Execution...

9.6AI score0.95844EPSS
Exploits8References4
CVE
CVE
added 2020/03/16 5:23 p.m.1079 views

CVE-2020-5847

Unraid 6.8.0 and earlier contains two CVEs: CVE-2020-5847 (remote code execution via insecure use of PHP extract) and CVE-2020-5849 (authentication bypass). Reports and exploit references (Metasploit module and Exploit-DB) confirm practical impact: authenticated admin access can be gained, then a...

10CVSS9.4AI score0.95844EPSS
In wildExploits8References5Affected Software1
OpenVAS
OpenVAS
added 2020/02/14 12:0 a.m.81 views

Unraid OS < 6.8.1 Web UI RCE Vulnerability - Active Check

Unraid OS is prone to a remote code execution RCE vulnerability in the Web UI. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS8.9AI score0.95844EPSS
Exploits8References4
Rows per page
Query Builder