Lucene search
K

91 matches found

Nuclei
Nuclei
added 3 days ago66 views

UnRaid <=6.80 - Remote Code Execution

UnRaid =6.80 allows remote unauthenticated attackers to execute arbitrary code. id: CVE-2020-5847 info: name: UnRaid =6.80 - Remote Code Execution author: madrobot severity: critical description: UnRaid =6.80 allows remote unauthenticated attackers to execute arbitrary code. impact: |...

10CVSS7.2AI score0.95844EPSS
Exploits8References5
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.11 views

Unraid < 7.3.0 Multiple Command Injection Vulnerabilities (ZDI-26-385 / ZDI-26-386)

The remote host is running a version of Unraid prior to 7.3.0. It is, therefore, affected by multiple vulnerabilities: - A command injection vulnerability exists in the FileUpload.php file due to the lack of proper validation of a user-supplied string before using it to execute a system call. An...

8.8CVSS7.8AI score0.01126EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 12:33 a.m.4 views

EUVD-2026-39108

Unraid Web Server FileUpload Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this vulnerability. The specific flaw exists within FileUpload.php. T...

8.8CVSS7.8AI score0.01114EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 12:33 a.m.6 views

EUVD-2026-39109

Unraid Web Server ToggleState Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this vulnerability. The specific flaw exists within ToggleState.php...

8.8CVSS7.8AI score0.01126EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 10:16 p.m.8 views

CVE-2026-9772

Unraid Web Server FileUpload Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this vulnerability. The specific flaw exists within FileUpload.php. T...

8.8CVSS0.01114EPSS
Exploits0References1
NVD
NVD
added 2026/06/24 10:16 p.m.7 views

CVE-2026-9773

Unraid Web Server ToggleState Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this vulnerability. The specific flaw exists within ToggleState.php...

8.8CVSS0.01126EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 9:35 p.m.17 views

CVE-2026-9773 Unraid Web Server ToggleState Command Injection Remote Code Execution Vulnerability

Unraid Web Server ToggleState Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this vulnerability. The specific flaw exists within ToggleState.php...

8.8CVSS0.01126EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 9:35 p.m.11 views

CVE-2026-9773

CVE-2026-9773 affects Unraid Web Server, specifically ToggleState.php, where unsafely used user-supplied input in a system call enables remote code execution. The vulnerability allows an attacker with authentication to execute arbitrary code with the www-data user context. The CVSS v3.0 base scor...

8.8CVSS7.8AI score0.01126EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/24 9:35 p.m.21 views

CVE-2026-9772 Unraid Web Server FileUpload Command Injection Remote Code Execution Vulnerability

Unraid Web Server FileUpload Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this vulnerability. The specific flaw exists within FileUpload.php. T...

8.8CVSS0.01114EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/24 9:35 p.m.5 views

CVE-2026-9772

Unraid Web Server FileUpload Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this vulnerability. The specific flaw exists within FileUpload.php. T...

8.8CVSS6.4AI score0.01114EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/24 9:35 p.m.18 views

CVE-2026-9772

Unraid Web Server FileUpload Command Injection (CVE-2026-9772) allows authenticated attackers to execute arbitrary code on affected installations via a crafted FileUpload.php input, executing a system call as www-data. Root cause: insufficient validation of a user-supplied string before a system ...

8.8CVSS7.8AI score0.01114EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-52119

Name of the Vulnerable Software and Affected Versions Unraid Web Server affected versions not specified Description A command injection flaw in the FileUpload.php file allows authenticated remote attackers to execute arbitrary code in the context of the www-data user. The issue is caused by...

8.8CVSS7.7AI score0.01114EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-52120

Name of the Vulnerable Software and Affected Versions Unraid affected versions not specified Description A command injection flaw in the web server allows authenticated remote attackers to execute arbitrary code in the context of the www-data user. The issue occurs in the ToggleState.php file due...

8.8CVSS7.7AI score0.01126EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/03/26 3:4 p.m.11 views

CVE-2026-3839

Unraid Authentication Request Path Traversal Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Unraid. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

7.3CVSS7.2AI score0.00651EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:3 p.m.11 views

CVE-2026-3838

Unraid Update Request Path Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this vulnerability. The specific flaw exists within the update.php file. The...

8.8CVSS7.8AI score0.00757EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/03/24 12:0 a.m.7 views

Unraid < 7.2.4 Multiple Vulnerabilities (ZDI-26-171 / ZDI-26-172)

The remote host is running a version of Unraid prior to 7.2.4. It is, therefore, affected by multiple vulnerabilities: - A path traversal vulnerability exists in the update.php file due to the lack of proper validation of a user-supplied path prior to using it in file operations. An authenticated...

8.8CVSS7.6AI score0.00757EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/16 3:30 p.m.4 views

EUVD-2026-12168

Unraid Authentication Request Path Traversal Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Unraid. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

7.3CVSS5.9AI score0.00651EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/16 3:30 p.m.5 views

EUVD-2026-12166

Unraid Update Request Path Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this vulnerability. The specific flaw exists within the update.php file. The...

8.8CVSS6.3AI score0.00757EPSS
Exploits0References2
NVD
NVD
added 2026/03/16 2:19 p.m.5 views

CVE-2026-3839

Unraid Authentication Request Path Traversal Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Unraid. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

7.3CVSS0.00651EPSS
Exploits0References1
NVD
NVD
added 2026/03/16 2:19 p.m.3 views

CVE-2026-3838

Unraid Update Request Path Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this vulnerability. The specific flaw exists within the update.php file. The...

8.8CVSS0.00757EPSS
Exploits0References1
Rows per page
Query Builder