Lucene search
+L

92 matches found

VulnCheck KEV
VulnCheck KEV
added 2021/11/03 12:0 a.m.3 views

VulnCheck KEV: CVE-2020-5847

Unraid contains a vulnerability due to the insecure use of the extract PHP function that can be abused to execute remote code as root. This CVE is chainable with CVE-2020-5849 for initial access...

10CVSS7.5AI score0.95844EPSS
Exploits8References1
VulnCheck KEV
VulnCheck KEV
added 2021/11/03 12:0 a.m.4 views

VulnCheck KEV: CVE-2020-5849

Unraid contains an authentication bypass vulnerability that allows attackers to gain access to the administrative interface. This CVE is chainable with CVE-2020-5847 for remote code execution...

10CVSS7.4AI score0.95844EPSS
Exploits8References1
CISA KEV Catalog
CISA KEV Catalog
added 2021/11/03 12:0 a.m.10 views

Unraid Authentication Bypass Vulnerability

Unraid contains an authentication bypass vulnerability that allows attackers to gain access to the administrative interface. This CVE is chainable with CVE-2020-5847 for remote code execution...

10CVSS9.5AI score0.95844EPSS
In wildExploits8
CISA KEV Catalog
CISA KEV Catalog
added 2021/11/03 12:0 a.m.11 views

Unraid Remote Code Execution Vulnerability

Unraid contains a vulnerability due to the insecure use of the extract PHP function that can be abused to execute remote code as root. This CVE is chainable with CVE-2020-5849 for initial access...

10CVSS9.4AI score0.95844EPSS
In wildExploits8
Saint
Saint
added 2020/04/30 12:0 a.m.220 views

Unraid webGui remote code execution

Added: 04/30/2020 CVE: CVE-2020-5847 Background Unraid is a network-attached storage operating system. It runs a web-based graphical user interface webGui written in PHP. Problem The Unraid webGui uses the PHP extract function to load all GET parameters into the application as variables, allowing...

10CVSS9.7AI score0.95844EPSS
Exploits8
Saint
Saint
added 2020/04/30 12:0 a.m.144 views

Unraid webGui remote code execution

Added: 04/30/2020 CVE: CVE-2020-5847 Background Unraid is a network-attached storage operating system. It runs a web-based graphical user interface webGui written in PHP. Problem The Unraid webGui uses the PHP extract function to load all GET parameters into the application as variables, allowing...

10CVSS8.9AI score0.95844EPSS
Exploits8
Saint
Saint
added 2020/04/30 12:0 a.m.36 views

Unraid webGui remote code execution

Added: 04/30/2020 CVE: CVE-2020-5847 Background Unraid is a network-attached storage operating system. It runs a web-based graphical user interface webGui written in PHP. Problem The Unraid webGui uses the PHP extract function to load all GET parameters into the application as variables, allowing...

10CVSS8.9AI score0.95844EPSS
Exploits8
Exploit DB
Exploit DB
added 2020/04/20 12:0 a.m.210 views

Unraid 6.8.0 - Auth Bypass PHP Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unraid 6.8.0 Auth Bypass PHP Code Execution', 'Description' = %q This module exploits two vulnerabilities affecting Unraid 6.8.0. An authenticati...

8.7AI score
Exploits0
CNVD
CNVD
added 2020/04/19 12:0 a.m.1 views

Command Execution Vulnerability in Unraid

Unraid is a set of operating systems used primarily by individuals and small businesses. A command execution vulnerability exists in the Unraid system that allows remote attackers to perform system command execution...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/04/18 12:0 a.m.44 views

Unraid 6.8.0 Authentication Bypass / Arbitrary Code Execution Exploit

This Metasploit module exploits two vulnerabilities affecting Unraid 6.8.0. An authentication bypass is used to gain access to the administrative interface, and an insecure use of the extract PHP function can be abused for arbitrary code execution as root. This module requires Metasploit:...

10CVSS0.8AI score0.95844EPSS
Exploits8
Packet Storm
Packet Storm
added 2020/04/17 12:0 a.m.131 views

Unraid 6.8.0 Authentication Bypass / Arbitrary Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unraid 6.8.0 Auth Bypass PHP Code Execution', 'Description' = %q This module exploits two vulnerabilities affecting Unraid 6.8.0. An authenticati...

10CVSS1.2AI score0.95844EPSS
Exploits8
Metasploit
Metasploit
added 2020/03/21 10:44 a.m.88 views

Unraid 6.8.0 Auth Bypass PHP Code Execution

This module exploits two vulnerabilities affecting Unraid 6.8.0. An authentication bypass is used to gain access to the administrative interface, and an insecure use of the extract PHP function can be abused for arbitrary code execution as root. This module requires Metasploit:...

9.8CVSS9.6AI score0.95844EPSS
Exploits8
CNVD
CNVD
added 2020/03/17 12:0 a.m.4 views

Unraid Authentication Bypass Vulnerability

Unraid is a set of operating systems used primarily by individuals and small businesses. A security vulnerability exists in Unraid version 6.8.0. An attacker could exploit the vulnerability to bypass authentication...

7.5CVSS6.8AI score0.93151EPSS
Exploits7References1
CNVD
CNVD
added 2020/03/17 12:0 a.m.7 views

Unraid Remote Code Execution Vulnerability

Unraid is a set of operating systems used primarily by individuals and small businesses. A security vulnerability exists in Unraid version 6.8.0 and earlier. An attacker could exploit the vulnerability to execute code...

10CVSS7AI score0.95844EPSS
Exploits8References1
NVD
NVD
added 2020/03/16 6:15 p.m.8 views

CVE-2020-5849

Unraid 6.8.0 allows authentication bypass...

7.5CVSS8.8AI score0.93151EPSS
Exploits7References5
OSV
OSV
added 2020/03/16 6:15 p.m.7 views

CVE-2020-5847

Unraid through 6.8.0 allows Remote Code Execution...

9.8CVSS7.2AI score0.95844EPSS
Exploits8References5
OSV
OSV
added 2020/03/16 6:15 p.m.1 views

CVE-2020-5849

Unraid 6.8.0 allows authentication bypass...

7.5CVSS7.2AI score0.95844EPSS
Exploits8References5
NVD
NVD
added 2020/03/16 6:15 p.m.13 views

CVE-2020-5847

Unraid through 6.8.0 allows Remote Code Execution...

10CVSS9.7AI score0.95844EPSS
Exploits8References5
Prion
Prion
added 2020/03/16 6:15 p.m.11 views

Remote code execution

Unraid through 6.8.0 allows Remote Code Execution...

10CVSS8.7AI score0.95844EPSS
Exploits8References4Affected Software1
Prion
Prion
added 2020/03/16 6:15 p.m.13 views

Authentication flaw

Unraid 6.8.0 allows authentication bypass...

5CVSS8.6AI score0.95844EPSS
Exploits8References4Affected Software1
Rows per page
Query Builder