CVE-2025-29266
📋 TL;DR
This vulnerability allows remote attackers to gain root access to Unraid's web interface and console without authentication when specific conditions are met. It affects Unraid systems running containers in Host networking mode with Tailscale enabled. Attackers can completely compromise affected systems.
💻 Affected Systems
- Unraid
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise with root access, allowing data theft, ransomware deployment, or persistent backdoor installation.
Likely Case
Unauthorized root access leading to container escape, data exfiltration, and lateral movement within the network.
If Mitigated
Limited impact if systems are isolated or have additional network controls, but this still represents a significant authentication bypass.
🎯 Exploit Status
Exploitation requires network access to the affected system but no authentication. A specific configuration is required.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 7.0.1
Vendor Advisory: https://docs.unraid.net/unraid-os/release-notes/7.0.1/
Restart Required: Yes
Instructions:
1. Access Unraid web interface.
2. Navigate to Tools > Update OS.
3. Install Unraid OS 7.0.1.
4. Reboot system after update completes.
🔧 Temporary Workarounds
Disable Tailscale on Host Network Containers
Linux: Remove Tailscale from any containers using Host networking mode
docker exec -it [container_name] tailscale down
Remove Tailscale from container configuration
Switch to Bridge Networking
Linux: Change container networking from Host to Bridge mode
Edit container settings to use Bridge networking instead of Host
🧯 If You Can't Patch
- Isolate affected systems from network access using firewall rules
- Disable all containers using Host networking mode with Tailscale enabled
🔍 How to Verify
Check if Vulnerable:
Check whether the system is running Unraid 7.0.0 AND has containers with both Host networking and Tailscale enabled
Check Version:
cat /etc/unraid-version
Verify Fix Applied:
Verify Unraid version is 7.0.1 or later via web interface or command line
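The two-part check above can be scripted on the Unraid host; this is an added example, not a vendor or database script. It assumes the version file contains a line like version="7.0.0" and treats a container as having Tailscale enabled when a tailscale binary is on its PATH (the same binary the workaround command calls); the verdict strings are hypothetical names.

```shell
#!/bin/sh
# Added example. Assumptions: the version file holds a line such as
# version="7.0.0" (constructed sample), and "Tailscale enabled" is detected
# by a tailscale binary on the container's PATH.
VERSION_FILE="${VERSION_FILE:-/etc/unraid-version}"

# Print the bare version number from the given version file.
unraid_version() {
    tr -d '"' < "$1" | sed -n 's/^version=//p' | head -n 1
}

# Print the names of running containers that use Host networking.
host_network_containers() {
    docker ps --format '{{.Names}}' | while read -r name; do
        mode=$(docker inspect --format '{{.HostConfig.NetworkMode}}' "$name")
        if [ "$mode" = "host" ]; then echo "$name"; fi
    done
}

# Print Host-network containers that also have a tailscale binary.
exposed_containers() {
    host_network_containers | while read -r name; do
        if docker exec "$name" sh -c 'command -v tailscale' \
            </dev/null >/dev/null 2>&1; then
            echo "$name"
        fi
    done
}

# Verdict for the host: both conditions from the check above must hold.
assess() {
    ver=$(unraid_version "$1")
    exposed=$(exposed_containers)
    if [ -z "$ver" ]; then
        echo "UNKNOWN_VERSION"
    elif [ "$ver" != "7.0.0" ]; then
        echo "NOT_FLAGGED"
    elif [ -n "$exposed" ]; then
        echo "VULNERABLE" $exposed
    else
        echo "PATCH_PENDING"
    fi
}

# Run the audit only when asked, e.g.: sh audit.sh --run
if [ "${1:-}" = "--run" ]; then
    assess "$VERSION_FILE"
fi
```

PATCH_PENDING means the host is on 7.0.0 with no container currently matching both conditions, so the update to 7.0.1 still applies.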
📡 Detection & Monitoring
Log Indicators:
- Unauthorized root login attempts to web interface
- Unexpected container network configuration changes
Network Indicators:
- Unusual Tailscale traffic patterns
- Unexpected root-level API calls to web interface
SIEM Query:
source="unraid" AND (event="authentication_failure" OR event="root_login")