CVE-2025-49844 PoC — Redis 资源管理错误漏洞

Source

https://github.com/ksnnd32/redis_exploit

Associated Vulnerability

Title:Redis 资源管理错误漏洞 (CVE-2025-49844)
Description:Redis是美国Redis公司的一套开源的使用ANSI C编写、支持网络、可基于内存亦可持久化的日志型、键值（Key-Value）存储数据库，并提供多种语言的API。 Redis 8.2.1及之前版本存在资源管理错误漏洞，该漏洞源于特制Lua脚本可操纵垃圾收集器，触发释放后重用，可能导致远程代码执行。

Description

🔍 Explore and test the CVE-2025-49844 (RediShell) vulnerability in Redis with this practical lab environment for secure education and research.

File Snapshot


 [4.0K]  /data/pocs/e460746fed6b171f61d0a39f30276843511535f1
├── [ 549]  csv_linker.py
├── [ 809]  data_gen.py
├── [4.0K]  linked_csv
│   ├── [543K]  dev_linked.csv
│   └── [537K]  test_linked.csv
├── [3.2K]  mfcc.py
└── [4.0K]  stromatoporoid
    └── [1.3M]  redis_exploit.zip

3 directories, 6 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!