CVE-2020-29577

Name of the Vulnerable Software and Affected Versions znc versions prior to 1.7.1-slim

Description The official znc docker images contain a blank password for a root user, which may allow a remote attacker to achieve root access. This issue affects systems using the znc docker container deployed by affected versions of the Docker image.

Recommendations For versions prior to 1.7.1-slim, update to version 1.7.1-slim or later to resolve the issue. As a temporary workaround, consider changing the root password to a secure value until a patch is applied. Restrict access to the znc docker container to minimize the risk of exploitation.