Plattform
linux
Komponente
unraid
Behoben in
7.2.4
CVE-2026-3838 is a Remote Code Execution (RCE) vulnerability affecting Unraid, a network-attached storage (NAS) operating system. This flaw allows authenticated attackers to execute arbitrary code on vulnerable systems, potentially leading to complete compromise. The vulnerability impacts Unraid versions 7.2.3–7.2.3 and has been addressed with a security update.
The impact of CVE-2026-3838 is significant due to the potential for remote code execution. A successful exploit allows an attacker to gain complete control over the Unraid server, potentially leading to data breaches, system compromise, and denial of service. Given the server's role in managing storage and virtual machines, the blast radius extends to all data and services hosted on the affected system. This vulnerability shares characteristics with other path traversal exploits where attackers manipulate file paths to access unauthorized resources and execute malicious code.
CVE-2026-3838 was publicly disclosed on 2026-03-13. The vulnerability is considered to have a medium probability of exploitation (EPSS score pending). Public proof-of-concept (POC) code may become available, increasing the risk of exploitation. Monitor security advisories and threat intelligence feeds for updates on exploitation attempts.
Organizations and individuals running Unraid NAS devices, particularly those with publicly exposed management interfaces or weak authentication practices, are at risk. Shared hosting environments utilizing Unraid are also vulnerable, as a compromised account on one virtual machine could potentially be leveraged to exploit this vulnerability on the host system.
• linux / server:
journalctl -u unraid -g 'update.php'• linux / server:
ps aux | grep -i update.php• generic web:
curl -I http://<unraid_ip>/update.php?file=../../../../etc/passwd | head -n 1disclosure
Exploit-Status
EPSS
1.57% (81% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation for CVE-2026-3838 is to upgrade Unraid to the patched version. If an immediate upgrade is not feasible, consider implementing temporary workarounds such as restricting access to the update.php file through a Web Application Firewall (WAF) or proxy server. Configure the WAF to block requests containing suspicious path traversal patterns (e.g., '../'). Monitor Unraid logs for unusual activity, particularly requests to the update.php file. After upgrading, verify the fix by attempting a manual update and confirming that the path traversal vulnerability is no longer exploitable.
Aktualisieren Sie Unraid auf eine Version nach 7.2.3. Dies behebt die Path Traversal (Pfadüberschreitung) Vulnerability in der Datei update.php.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2026-3838 is a Remote Code Execution vulnerability in Unraid versions 7.2.3–7.2.3, allowing authenticated attackers to execute arbitrary code.
If you are running Unraid version 7.2.3–7.2.3, you are potentially affected. Upgrade immediately.
Upgrade Unraid to the latest patched version. As a temporary measure, implement WAF rules to block suspicious requests.
While no active exploitation has been confirmed, the vulnerability's severity and ease of exploitation suggest a potential risk.
Refer to the official Unraid security advisory on their website for detailed information and updates.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.