A maximum-severity vulnerability has been discovered in Redis, putting at least 330,000 exposed instances at risk. The flaw allows attackers to escape the sandbox and execute code remotely on vulnerable servers.
What's at Risk?
The vulnerability, dubbed RediShell, enables attackers to:
- Steal credentials
- Deploy malware and cryptocurrency mining tools
- Extract confidential data from Redis
- Penetrate other systems on the same network
The Root Cause
The weakness stems from a flaw in the Lua interpreter that has been present in Redis source code since 2012. Security researchers from Wiz disclosed the vulnerability in May during a conference in Berlin.
Immediate Actions Required
Redis has released security patches for all versions. Administrators must update immediately, starting with internet-facing installations.
Additional Mitigation Steps:
- Enable authentication for instance access
- Disable Lua scripting and unnecessary commands
- Run Redis using a non-root user account
- Enable logging and monitoring
- Restrict access to authorized networks only
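Most of the steps above can be checked against a redis.conf file. The following Python audit is an added example, not code from Redis or Wiz. It assumes Lua is disabled through the ACL rule -@scripting, and it does not cover the non-root account, which is set by the service manager rather than redis.conf. Both sample configs are constructed.

```python
import shlex

WILDCARD_BINDS = {"0.0.0.0", "*", "::", "::*"}

def parse_conf(text):
    """Parse redis.conf text into (directive, [args]) pairs, skipping comments."""
    pairs = []
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            parts = shlex.split(line)
            pairs.append((parts[0].lower(), parts[1:]))
    return pairs

def audit(text):
    """Return the mitigations from the list above that this config leaves unset."""
    conf = parse_conf(text)
    args = lambda name: [a for d, a in conf if d == name]
    requirepass = any(a and a[0] for a in args("requirepass"))
    # The default user always exists; with no ACL line it may run every command.
    users = {"default": []}
    for name, *rules in args("user"):
        users.setdefault(name, []).extend(rules)
    # Named users are inactive until "on"; the default user is active unless "off".
    active = {n: r for n, r in users.items()
              if "off" not in r and (n == "default" or "on" in r)}
    missing = []
    has_pw = lambda r: any(x.startswith((">", "#")) for x in r) and "nopass" not in r
    if not all(has_pw(r) or (n == "default" and requirepass) for n, r in active.items()):
        missing.append("authentication")
    # Simplification: presence of the rule is checked, not the order of ACL rules.
    if not all("-@scripting" in r for r in active.values()):
        missing.append("lua-scripting-disabled")
    binds = [b.lstrip("-") for a in args("bind") for b in a]
    protected_off = any(a and a[0].lower() == "no" for a in args("protected-mode"))
    if not binds or WILDCARD_BINDS & set(binds) or protected_off:
        missing.append("network-restriction")
    if not any(a and a[0] for a in args("logfile")):
        missing.append("logging")
    return missing

# Constructed sample configs, not taken from any real deployment.
WEAK = "bind 0.0.0.0\nprotected-mode no\n"
HARDENED = """bind 127.0.0.1 10.0.0.5
protected-mode yes
user default off
user app on >constructed-sample-password ~app:* +@all -@scripting
logfile /var/log/redis/redis-server.log
"""
```

Calling audit(WEAK) returns all four findings and audit(HARDENED) returns an empty list. A clean result does not replace installing the patched release.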
Technical Details
The vulnerability is tracked as CVE-2025-49844. Full technical information is available through the CVE database.
Don't wait—update your Redis instances now to protect against RediShell exploitation.


