12 matches found
CVE-2020-5849
Unraid 6.8.0 allows authentication bypass...
Unraid OS 6.8.0 Web UI Authentication Bypass Vulnerability - Version Check
Unraid OS is prone to an authentication bypass vulnerability in the Web UI. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Unraid Remote Code Execution (CVE-2020-5847; CVE-2020-5849)
A remote code execution vulnerability exists in Unraid. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Unraid Remote Code Execution Vulnerability
Unraid contains a vulnerability due to the insecure use of the extract PHP function that can be abused to execute remote code as root. This CVE is chainable with CVE-2020-5849 for initial access...
Unraid 6.8.0 - Auth Bypass PHP Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unraid 6.8.0 Auth Bypass PHP Code Execution', 'Description' = %q This module exploits two vulnerabilities affecting Unraid 6.8.0. An authenticati...
Unraid 6.8.0 Authentication Bypass / Arbitrary Code Execution Exploit
This Metasploit module exploits two vulnerabilities affecting Unraid 6.8.0. An authentication bypass is used to gain access to the administrative interface, and an insecure use of the extract PHP function can be abused for arbitrary code execution as root. This module requires Metasploit:...
Unraid 6.8.0 Authentication Bypass / Arbitrary Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unraid 6.8.0 Auth Bypass PHP Code Execution', 'Description' = %q This module exploits two vulnerabilities affecting Unraid 6.8.0. An authenticati...
CVE-2020-5849
creationtimestamp| type| source ---|---|--- 2020-04-16 22:27:58+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/unraidauthbypassexec.rb 2020-04-20 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48353 2021-11-08 08:58:20+00:00|...
Unraid 6.8.0 Auth Bypass PHP Code Execution
This module exploits two vulnerabilities affecting Unraid 6.8.0. An authentication bypass is used to gain access to the administrative interface, and an insecure use of the extract PHP function can be abused for arbitrary code execution as root. This module requires Metasploit:...
CVE-2020-5849
Unraid 6.8.0 allows authentication bypass...
CVE-2020-5849
Summary (CVE-2020-5849) Unraid 6.8.0 contains an authentication bypass that can lead to remote code execution when exploited alongside the related issue (CVE-2020-5847). The Nessus plugin notes that Unraid
CVE-2020-5849
Unraid 6.8.0 allows authentication bypass. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...