Client Application Firewall
Redis.Lua.Sandbox.Remote.Code.Execution
Description
This indicates an attack attempt to exploit a Remote Code Execution Vulnerability in redis.
This vulnerability is due to improper input validation for a client message. A remote attacker could exploit this vulnerability by sending a crafted message to the target server. Successfully exploiting this vulnerability could result in remote code execution.
Outbreak Alert
Go based malware that targets Redis server's vulnerability CVE-2022-0543 allowing threat actors to drop the Redigo malware and gain server access.
Affected Products
redis Debian Linux 9.0
redis Debian Linux 10.0
redis Debian Linux 11.0
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005787
https://www.debian.org/security/2022/dsa-5081
Version Updates
Date | Version | Detail |
---|---|---|
2022-06-20 | 21.341 |