Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-0543 PoC — Redis 代码注入漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/network/cves/2022/CVE-2022-0543.yaml
Associated Vulnerability
Title:Redis 代码注入漏洞 (CVE-2022-0543)
Description:Redis Labs Redis是美国Redis Labs公司的一套开源的使用ANSI C编写、支持网络、可基于内存亦可持久化的日志型、键值(Key-Value)存储数据库,并提供多种语言的API。 Redis 存在代码注入漏洞,攻击者可利用该漏洞远程执行代码。
Description
This template exploits CVE-2022-0543, a Lua-based Redis sandbox escape. The
vulnerability was introduced by Debian and Ubuntu Redis packages that
insufficiently sanitized the Lua environment. The maintainers failed to
disable the package interface, allowing attackers to load arbitrary libraries.
File Snapshot

 id: CVE-2022-0543

info:
  name: Redis Sandbox Escape - Remote Code Execution
  author: dwisiswant0


...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.