Client Application Firewall
Redis.Lua.Sandbox.Remote.Code.Execution
Description
This indicates an attack attempt to exploit a Remote Code Execution Vulnerability in redis.
This vulnerability is due to improper input validation for a client message. A remote attacker could exploit this vulnerability by sending a crafted message to the target server. Successfully exploiting this vulnerability could result in remote code execution.
Outbreak Alert
Go based malware that targets Redis server's vulnerability CVE-2022-0543 allowing threat actors to drop the Redigo malware and gain server access.
Affected Products
redis Debian Linux 9.0
redis Debian Linux 10.0
redis Debian Linux 11.0
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005787
https://www.debian.org/security/2022/dsa-5081
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2022-06-20 | 21.341 |
| ID | 51512 |
| Created | May 02, 2022 |
| Updated | Jun 17, 2022 |
| Outbreak Alert | Redigo Attack |
| Threat Signal | View Report |
| Risk |
|
| CVE ID | CVE-2022-0543 |
| Known Exploited | Yes |
| Exploit Prediction Score | 97.05% |
| Default Action | drop |
| Affected OS | Linux, BSD |
| Affected App | Other |