CVE-2020-5847 - Unraid Remote Code Execution Vulnerability
Project:Unraid
Product:Unraid
Date Added:2021-11-03Due Date:2022-05-03
Vulnerability Name
Unraid Remote Code Execution Vulnerability
Description
Unraid contains a vulnerability due to the insecure use of the extract PHP function that can be abused to execute remote code as root. This CVE is chainable with CVE-2020-5849 for initial access.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-5847