CVE-2020-5847 Scanner
CVE-2020-5847 scanner - Remote Code Execution (RCE) vulnerability in Unraid
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
30 seconds
Time Interval
4 weeks
Scan only one
URL
Toolbox
-
Unraid is a popular operating system used to manage network-attached storage devices and virtual machines. It is known for its flexibility and ease of use, making it a preferred choice for many individuals and organizations. The system allows users to manage their data, applications and services through a web-based interface, streamlining their work and improving productivity. With its powerful features and user-friendly design, Unraid has become a go-to solution for many businesses and hobbyists alike.
CVE-2020-5847 is a vulnerability discovered in Unraid 6.8.0, which allows attackers to execute remote code with root privileges through a specially crafted request. This vulnerability can occur due to a flaw in the system's authentication mechanism, which allows an attacker to bypass security checks and gain unauthorized access. This CVE-2020-5847 is classified as a critical vulnerability that poses a severe risk to those who use Unraid 6.8.0, and it must be addressed immediately.
If exploited, this vulnerability can lead to significant damage to digital assets as it allows attackers to gain full control over the affected system. Attackers may install malicious software, steal sensitive information, or execute destructive actions, resulting in compromised security and a breach of privacy. This can severely impact businesses, leading to reputational damage, financial loss, and reduced productivity.
Fortunately, with the s4e.io platform, users can identify vulnerabilities quickly and easily. By subscribing to the platform's pro features, users can access a comprehensive database of known vulnerabilities, receive timely alerts, and gain valuable insights into their digital assets' security. This can help users fortify their systems and protect against potential attacks, ensuring their safety even in the face of evolving threats.
REFERENCES
- https://sysdream.com/news/lab/
- https://forums.unraid.net/forum/7-announcements/
- https://sysdream.com/news/lab/2020-02-06-cve-2020-5847-cve-2020-5849-unraid-6-8-0-unauthenticated-remote-code-execution-as-root/
- http://packetstormsecurity.com/files/157275/Unraid-6.8.0-Authentication-Bypass-Arbitrary-Code-Execution.html
