Unraid 6.8.0 Authentication Bypass / Arbitrary Code Execution
Posted by deepcore on April 18, 2020 – 4:43 pm
This Metasploit module exploits two vulnerabilities affecting Unraid 6.8.0. An authentication bypass is used to gain access to the administrative interface, and an insecure use of the extract PHP function can be abused for arbitrary code execution as root.
Post a reply
You must be logged in to post a comment.