Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:40 p.m.4 views

CVE-2020-5849

Unraid 6.8.0 allows authentication bypass...

7.5CVSS9.5AI score0.93151EPSS
Exploits7References1
OpenVAS
OpenVAS
added 2025/01/31 12:0 a.m.12 views

Unraid OS 6.8.0 Web UI Authentication Bypass Vulnerability - Version Check

Unraid OS is prone to an authentication bypass vulnerability in the Web UI. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS8.8AI score0.95844EPSS
Exploits8References4
Check Point Advisories
Check Point Advisories
added 2021/11/30 12:0 a.m.21 views

Unraid Remote Code Execution (CVE-2020-5847; CVE-2020-5849)

A remote code execution vulnerability exists in Unraid. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.6AI score0.95844EPSS
Exploits8
CISA KEV Catalog
CISA KEV Catalog
added 2021/11/03 12:0 a.m.11 views

Unraid Remote Code Execution Vulnerability

Unraid contains a vulnerability due to the insecure use of the extract PHP function that can be abused to execute remote code as root. This CVE is chainable with CVE-2020-5849 for initial access...

10CVSS9.4AI score0.95844EPSS
In wildExploits8
Exploit DB
Exploit DB
added 2020/04/20 12:0 a.m.210 views

Unraid 6.8.0 - Auth Bypass PHP Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unraid 6.8.0 Auth Bypass PHP Code Execution', 'Description' = %q This module exploits two vulnerabilities affecting Unraid 6.8.0. An authenticati...

8.7AI score
Exploits0
0day.today
0day.today
added 2020/04/18 12:0 a.m.44 views

Unraid 6.8.0 Authentication Bypass / Arbitrary Code Execution Exploit

This Metasploit module exploits two vulnerabilities affecting Unraid 6.8.0. An authentication bypass is used to gain access to the administrative interface, and an insecure use of the extract PHP function can be abused for arbitrary code execution as root. This module requires Metasploit:...

10CVSS0.8AI score0.95844EPSS
Exploits8
Packet Storm
Packet Storm
added 2020/04/17 12:0 a.m.131 views

Unraid 6.8.0 Authentication Bypass / Arbitrary Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unraid 6.8.0 Auth Bypass PHP Code Execution', 'Description' = %q This module exploits two vulnerabilities affecting Unraid 6.8.0. An authenticati...

10CVSS1.2AI score0.95844EPSS
Exploits8
Circl
Circl
added 2020/04/16 10:27 p.m.21 views

CVE-2020-5849

creationtimestamp| type| source ---|---|--- 2020-04-16 22:27:58+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/unraidauthbypassexec.rb 2020-04-20 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48353 2021-11-08 08:58:20+00:00|...

7.5CVSS7.2AI score0.93151EPSS
Exploits7References9
Metasploit
Metasploit
added 2020/03/21 10:44 a.m.88 views

Unraid 6.8.0 Auth Bypass PHP Code Execution

This module exploits two vulnerabilities affecting Unraid 6.8.0. An authentication bypass is used to gain access to the administrative interface, and an insecure use of the extract PHP function can be abused for arbitrary code execution as root. This module requires Metasploit:...

9.8CVSS9.6AI score0.95844EPSS
Exploits8
Cvelist
Cvelist
added 2020/03/16 5:24 p.m.18 views

CVE-2020-5849

Unraid 6.8.0 allows authentication bypass...

8.7AI score0.93151EPSS
Exploits7References4
CVE
CVE
added 2020/03/16 5:24 p.m.1094 views

CVE-2020-5849

Summary (CVE-2020-5849) Unraid 6.8.0 contains an authentication bypass that can lead to remote code execution when exploited alongside the related issue (CVE-2020-5847). The Nessus plugin notes that Unraid

7.5CVSS8.5AI score0.93151EPSS
In wildExploits7References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2020/03/16 12:0 a.m.19 views

CVE-2020-5849

Unraid 6.8.0 allows authentication bypass. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

10CVSS8.7AI score0.95844EPSS
In wildExploits8References8
Rows per page
Query Builder