CVE-2025-32023 PoC — Redis 安全漏洞

Source

Associated Vulnerability

Description

CVE-2025-32023

Readme

# CVE-2025-32023 - Redis Remote Code Execution (RCE) 🚨

## 🧠 Overview:

A **critical RCE vulnerability** affecting Redis (< 7.2.4), where attackers can **load malicious modules** using the `MODULE LOAD` command.

## 🕳️ Vulnerability Type:

Remote Code Execution (RCE)

## 💥 **Impact:**

An **unauthenticated attacker** can execute arbitrary code and gain full control of the Redis server.

## 🔓 **Requirements for Exploitation:**

* Redis is **exposed to the internet** 🌍
* No **authentication** is set (no `requirepass` or ACLs) ❌
* Attacker has **write access** to Redis 📝

## 🛠️ **Attack Steps:**

1. Upload malicious `.so` (shared object) file to the Redis server.
2. Use the `MODULE LOAD` command to load the module.
3. Achieve **remote code execution** 💣

## 🧪 **Tested On:**
Redis 7.2.3 and below

## 🚫 **Not Affected:**
Redis **7.2.4 and above**

## 🛡️ Mitigation Steps:

* ✅ Upgrade to **Redis 7.2.4+**
* 🔐 Use **ACLs** or set a strong `requirepass`
* 🧱 Block external access via **firewall**
* 📛 Disable `MODULE LOAD` if not needed

## ⚠️ Security Tip:

Never expose Redis directly to the internet without proper authentication, ACLs, and network restrictions. Redis is **meant to be internal**.

🧩 **CVSS Score:** 9.8 (Critical)

🧬 **Discovered By:** Security researchers in early 2025.

---

File Snapshot

 [4.0K]  /data/pocs/b83c72f059b35d6780cc61c3b33b298061e90f00
├── [ 561]  CVE-2025-32023.py
├── [1.3K]  README.md
└── [4.9K]  solver-CVE-2025-32023.py

0 directories, 3 files

Remarks