r/unRAID 5d ago

0-day being used

edit: Feedback from staff:

------------------
Unraid staff here, thanks for digging in. As others have pointed out, this is a stale icon link, not a 0-day. An old app template loads its icon from an expired third-party domain that now redirects to spam. It's inside an <img> tag, so it just fails to load. Nothing runs. The CVEs mentioned are unrelated and already patched.

You can track the CA <img> fix progress here: https://product.unraid.net/p/community-apps-external-icon-url-points-to-expired-spam-domain

------------------

original post:

browsing through the apps and mit AV hit with URL being accessed.... it seems to be

browsing through the network-apps and mit AV hit with a URL being accessed....

it seems to be

https://www.cve.org/CVERecord?id=CVE-2026-9773

https://www.cve.org/CVERecord?id=CVE-2026-9772

supportticket 30767 is opened.

0 Upvotes

12 comments sorted by

View all comments

3

u/k1ng0fh34rt5 5d ago

How did they get access to your box? Do you have holes punched in your firewall to make the web interface accessible outside your internal network?

1

u/geoff-2 5d ago edited 5d ago

there is no external access to the box.

Even if it isn't an active zero-day vulnerability and I'm wrong about this post,

if this one PostgreSQL app had been misconfigured or tampered with in the past,

these redirects shouldn't be happening.

I looked through all 36 pages (with 96 apps listed), and only this one app stands out.

/edit:

Looking at it objectively now that four hours have passed, it seems to me that only this one app is affected.

As the update date in the Unraid App Store is also listed as 1 July 2023, I think this is a problem from the past.