# Redis Lua Use-After-Free May Lead to Remote Code Execution (CVE-2025-49844)
## Overview
Redis is an open-source in-memory database that can persist its data to disk. In Redis 8.2.1 and earlier, an authenticated user can send a specially crafted Lua script that manipulates the garbage collector of the embedded Lua interpreter and triggers a **use-after-free**, which can potentially be turned into remote code execution (RCE) inside the `redis-server` process. "Authenticated" is a low bar on many deployments: unless `requirepass` or an ACL is configured, the built-in `default` user has `nopass`, so any client that can reach the port is already authenticated.
## Affected versions
- Redis 8.2.1 and earlier (every release that ships Lua scripting)
## Details
- The flaw lies in the Lua scripting support built into Redis (Redis embeds a Lua 5.1 interpreter): a crafted script can drive the Lua garbage collector into freeing an object that is still referenced.
- A later use of that dangling reference is a **use-after-free** in the `redis-server` process, which is what the public PoCs listed below build on.
- Lua scripting has been part of Redis since it was introduced in Redis 2.6, so the bug is present in every Redis version with Lua scripting, not only the 8.x line; 8.2.1 is simply the newest unfixed release.
## Impact
- An authenticated user, or any client on an instance whose `default` user still has `nopass`, may execute arbitrary code in the context of the `redis-server` process.
- This gives full control of the Redis instance (and of the host, to the extent of the privileges `redis-server` runs with), compromising both system security and data integrity.
## Resolution
- **Official fix**: Redis 8.2.2 (fix commit redis/redis@d5728cb). Fixed releases were also published for the older maintained branches, so pick the fixed release for the branch you run rather than assuming only 8.2.x needs attention.
- **Interim mitigation**: use ACLs to stop users from running Lua scripts by denying `EVAL` and `EVALSHA`. Note that `EVAL_RO`, `EVALSHA_RO`, `FCALL`, `FCALL_RO` and `FUNCTION` also execute code on the same Lua engine, so deny the whole `@scripting` category (`ACL SETUSER <user> -@scripting`) rather than the two commands alone, and do not leave the `default` user with `nopass` on an instance reachable from untrusted networks.
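As an added example (not part of this advisory, of Redis, or of any PoC repository listed below), the following Python script audits the output of `redis-cli ACL LIST` for users who can still reach the Lua engine and prints the `ACL SETUSER <user> -@scripting` rule that closes the gap. It assumes Redis 7.x/8.x `ACL LIST` syntax; the sample listing and its password hashes are constructed placeholders, and the category table is deliberately minimal (it resolves only `@all`, `@slow` and `@scripting` and treats every other category as granting no scripting command), so extend it from `ACL CAT <category>` on your server if your rules use other categories.

```python
"""Audit `redis-cli ACL LIST` output for users who can still run Lua.

Added example for this advisory; not part of Redis or of any PoC repo.
Assumptions: Redis 7.x/8.x ACL LIST syntax, and the category table
below (extend it from `ACL CAT <category>` if your rules use others).
"""
import re

# Commands that run code on the Lua engine embedded in redis-server.
# All are in the @scripting ACL category; EVAL and EVALSHA are only two
# of them, so "-eval -evalsha" alone does not close the door.
LUA_COMMANDS = frozenset({
    "eval", "evalsha", "eval_ro", "evalsha_ro",   # ad-hoc scripts
    "fcall", "fcall_ro", "function",              # Redis Functions (Lua engine)
})

# Assumption of this script: a category not listed here grants none of
# the commands above.  @all, @slow and @scripting contain all of them.
CATEGORY_MEMBERS = {
    "all": LUA_COMMANDS,
    "slow": LUA_COMMANDS,
    "scripting": LUA_COMMANDS,
}

_SELECTOR = re.compile(r"\(([^)]*)\)")  # "(+eval_ro ~cache:*)" selector blocks


def lua_commands_allowed_by(rules):
    """Apply ACL command rules left to right (last rule wins, as redis
    does), starting from "no commands" (the default for a new user), and
    return the subset of LUA_COMMANDS they permit.  Non-command tokens
    (on/off, passwords, key/channel patterns) are skipped.  A subcommand
    deny such as "-function|delete" leaves the base command allowed, so
    subcommand rules can only make this audit over-report."""
    allowed = set()
    for rule in rules:
        if rule in ("allcommands", "+@all"):
            allowed = set(LUA_COMMANDS)
        elif rule in ("nocommands", "-@all", "reset"):
            allowed = set()
        elif rule.startswith(("+@", "-@")):
            members = CATEGORY_MEMBERS.get(rule[2:].lower(), frozenset())
            allowed = allowed | members if rule[0] == "+" else allowed - members
        elif rule[:1] in ("+", "-"):
            cmd = rule[1:].split("|", 1)[0].lower()
            if cmd not in LUA_COMMANDS:
                continue
            if rule[0] == "+":
                allowed.add(cmd)
            elif "|" not in rule:
                allowed.discard(cmd)
    return allowed


def parse_acl_list(text):
    """Parse ACL LIST output into one record per user.  A command is
    permitted if the root rules or any "(...)" selector permit it."""
    users = []
    for line in text.strip().splitlines():
        parts = line.split(maxsplit=2)
        if len(parts) < 3 or parts[0] != "user":
            continue
        name, body = parts[1], parts[2]
        selectors = _SELECTOR.findall(body)
        root = _SELECTOR.sub(" ", body).split()
        allowed = lua_commands_allowed_by(root)
        for selector in selectors:
            allowed |= lua_commands_allowed_by(selector.split())
        state = [t for t in root if t in ("on", "off")]
        users.append({
            "name": name,
            "enabled": bool(state) and state[-1] == "on",
            "nopass": "nopass" in root,
            "lua_commands": allowed,
        })
    return users


def audit(acl_list_text):
    """One finding per enabled user who can still run Lua, with the ACL
    rule that closes the gap.  "nopass" users are rated critical, since
    'authenticated' then means anyone who can reach the port."""
    findings = []
    for user in parse_acl_list(acl_list_text):
        if not user["enabled"] or not user["lua_commands"]:
            continue
        findings.append({
            "user": user["name"],
            "severity": "critical" if user["nopass"] else "high",
            "commands": sorted(user["lua_commands"]),
            "fix": f"ACL SETUSER {user['name']} -@scripting",
        })
    return findings


# Constructed sample of ACL LIST output; the hashes are placeholders.
_HASH = "#" + "0" * 64
SAMPLE_ACL_LIST = f"""\
user default on nopass sanitize-payload ~* &* +@all
user app on {_HASH} ~app:* &* +@all -@scripting
user legacy on {_HASH} ~* &* +@all -eval -evalsha
user reporting on {_HASH} ~* &* -@all +@read (+eval_ro ~cache:*)
user batch off {_HASH} ~* &* +@all
"""

if __name__ == "__main__":
    # Live use: redis-cli ACL LIST | python3 audit_lua_acl.py
    import sys
    text = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_ACL_LIST
    for f in audit(text):
        print(f"{f['severity']:<8} {f['user']:<10} can run "
              f"{', '.join(f['commands'])} -> {f['fix']}")
```

On the constructed sample, `app` (denied `@scripting`) is clean, `legacy` (denied only `EVAL`/`EVALSHA`) is still exposed through `EVAL_RO`, `EVALSHA_RO`, `FCALL`, `FCALL_RO` and `FUNCTION`, `reporting` is exposed through a selector, and `default` is rated critical because it needs no password. Run it against a live server with `redis-cli ACL LIST | python3 audit_lua_acl.py` (script name is hypothetical) and apply the printed `ACL SETUSER` rules, then `ACL SAVE` if you use an ACL file.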
## Public PoC repositories, scanners and related tools
| # | PoC description (as given by the repository) | Source link |
|---|---|---|
| 1 | (none) | https://github.com/gopinaath/CVE-2025-49844-discovery |
| 2 | CVE-2025-49844 – Redis Lua Parser Use-After-Free | https://github.com/dwisiswant0/CVE-2025-49844 |
| 3 | CVE-2025-49844 (RediShell) | https://github.com/raminfp/redis_exploit |
| 4 | (none) | https://github.com/lastvocher/redis-CVE-2025-49844 |
| 5 | Minimal Redis honeypot detecting RediShell (CVE-2025-49844) exploits. | https://github.com/srozb/reditrap |
| 6 | (none) | https://github.com/pedrorichil/CVE-2025-49844 |
| 7 | A powerful Redis exploitation tool that leverages CVE-2025-4984 | https://github.com/Yuri08loveElaina/CVE-2025-49844 |
| 8 | CVE-2025-49844 POC | https://github.com/YuanBenSir/CVE-2025-49844_POC |
| 9 | CVE-2025-49844 checker | https://github.com/Mufti22/CVE-2025-49844-RediShell-Vulnerability-Scanner |
| 10 | Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2. To work around this issue without patching the redis-server executable, prevent users from executing Lua scripts. This can be done using ACL to restrict EVAL and EVALSHA commands. | https://github.com/projectdiscovery/nuclei-templates/blob/main/javascript/cves/2025/CVE-2025-49844.yaml |
| 11 | (none) | https://github.com/imbas007/CVE-2025-49844-Vulnerability-Scanner |
| 12 | PoC of RediShell | https://github.com/angelusrivera/CVE-2025-49844 |
| 13 | CVE-2025-49844 POC | https://github.com/MiclelsonCN/CVE-2025-49844_POC |
| 14 | 🔍 Explore and test the CVE-2025-49844 (RediShell) vulnerability in Redis with this practical lab environment for secure education and research. | https://github.com/ksnnd32/redis_exploit |
| 15 | 🚨 Exploit the CVE-2025-49844 Redis Lua interpreter UAF vulnerability to execute arbitrary shellcode and gain persistent backdoor access. | https://github.com/Zain3311/CVE-2025-49844 |
| 16 | Exploit for the CVE-2025-49844 vulnerability | https://github.com/elyasbassir/CVE-2025-49844 |
| 17 | CVE-2025-49844 | https://github.com/B1ack4sh/Blackash-CVE-2025-49844 |
| 18 | Proof-of-concept for CVE-2025-49844 | https://github.com/saneki/cve-2025-49844 |
## References
- GitHub Security Advisory, redis/redis: "Lua Use-After-Free may lead to remote code execution" (reference type: x_refsource_CONFIRM)
- Fix commit redis/redis@d5728cb: "Lua script may lead to remote code execution (CVE-2025-49844)" (reference type: x_refsource_MISC)