CVE-2020-5849 - Unraid Authentication Bypass Vulnerability

CVE ID:CVE-2020-5849

Project:Unraid

Product:Unraid

Date Added:2021-11-03Due Date:2022-05-03

Vulnerability Name

Unraid Authentication Bypass Vulnerability

Description

Unraid contains an authentication bypass vulnerability that allows attackers to gain access to the administrative interface. This CVE is chainable with CVE-2020-5847 for remote code execution.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes

https://nvd.nist.gov/vuln/detail/CVE-2020-5849