CVE-2020-5847

CRITICAL KEV NUCLEI

Unraid <6.8.0 - RCE

Title source: llm

Description

Unraid through 6.8.0 allows Remote Code Execution.

Exploits (3)

github WRITEUP 4 stars
by tnpitsecurity · poc
https://github.com/tnpitsecurity/CVEs/tree/master/CVE-2020-5847-5849
exploitdb WORKING POC
rubyremotelinux
https://www.exploit-db.com/exploits/48353
metasploit WORKING POC EXCELLENT
by Nicolas CHATELAIN <[email protected]> · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/unraid_auth_bypass_exec.rb

Nuclei Templates (1)

UnRaid <=6.80 - Remote Code Execution
CRITICALby madrobot

References (5)

Scores

CVSS v3 9.8
EPSS 0.9351
EPSS Percentile 99.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2021-11-03
VulnCheck KEV 2021-11-03
InTheWild.io 2021-07-23
ENISA EUVD EUVD-2020-27001
Status published
Products (1)
unraid/unraid < 6.8.0 (2 CPE variants)
Published Mar 16, 2020
KEV Added Nov 03, 2021
Tracked Since Feb 18, 2026