What is the CVSS score of CVE-2020-5847?

CVE-2020-5847 has a CVSS 3.1 base score of 9.8 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 93.5%.

Which versions of Unraid are affected by CVE-2020-5847?

Organizations using Unraid through 6.8.0 face critical risk from CVE-2020-5847 rated CVSS 9.8.

Is there a public PoC exploit available for CVE-2020-5847?

Yes, a public proof-of-concept exploit is available for CVE-2020-5847. Prioritise patching immediately. EPSS: 93.5%.

How to fix or mitigate CVE-2020-5847?

Within 24 hours: Identify all affected systems and apply vendor patches immediately. Monitor vendor channels for patch availability.

Unraid CVE-2020-5847

CRITICAL

2020-03-16 cve@mitre.org

RCE Unraid

9.8

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

9.8 CRITICAL

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 17, 2026 - 20:45 vuln.today

Added to CISA KEV

Mar 17, 2026 - 14:10 cisa

CISA KEV

PoC Detected

Mar 17, 2026 - 14:10 vuln.today

Public exploit code

CVE Published

Mar 16, 2020 - 18:15 nvd

CRITICAL 9.8

DescriptionCVE.org

Unraid through 6.8.0 allows Remote Code Execution.

AnalysisAI

Unraid through 6.8.0 allows unauthenticated remote code execution (CVE-2020-5847, CVSS 9.8, EPSS 93.5%). This critical vulnerability in the popular NAS operating system enables attackers to execute arbitrary code without authentication, compromising all data stored on the NAS and all Docker containers/VMs running on the Unraid system.

Technical ContextAI

Unraid is a Linux-based NAS operating system popular for home servers and small businesses. The RCE vulnerability allows unauthenticated command execution through the web management interface. Unraid systems typically store large amounts of personal/business data and often run Docker containers and VMs, making compromise extremely impactful.

RemediationAI

Update Unraid immediately. Never expose Unraid management interface to the internet. Use VPN for remote access. Audit stored data for unauthorized access.

CVE-2020-5847 vulnerability details – vuln.today

Back

Unraid CVE-2020-5847

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code