Home / Security updates / “RediShell” Critical Remote Code Execution in Redis
“RediShell” Critical Remote Code Execution in Redis
Security updates detail rendered from /security-updates/upd_a9d0544ac940e068.
Overview
| ID | upd_a9d0544ac940e068 |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Scaleway |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_a9d0544ac940e068 |
| providerId | safebase |
| organizationId | org_9c40dfe3f8d30eb8 |
| trustCenterId | tc_97ceaa0bb95c8ff7 |
| title | “RediShell” Critical Remote Code Execution in Redis |
| message | ## Definition CVE-2025-49844, also known as RediShell, is a critical remote code execution (RCE) vulnerability affecting Redis through its embedded Lua scripting engine. A malicious, authenticated client can execute crafted Lua scripts to escape the sandbox and gain full control of the host. ## How it works This attack allows an authenticated user to send a malicious Lua script, leading to arbitrary code execution outside the Redis Lua interpreter sandbox. This, in turn, grants unauthorized access to the underlying host. The technical process involves: * **Memory Corruption:** Specially crafted Lua scripts manipulate the garbage collector to free memory still referenced by active objects. * **Sandbox Escape:** The resulting use-after-free condition enables code execution beyond the Lua sandbox. * **Host Access:** Attackers achieve native code execution on the Redis host system. Once a Redis host is compromised, attackers can steal credentials, deploy malware, extract sensitive data |
| url | - |
| publishedAt | 2025-10-21 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "vulnerabilities"
} |
| company | {
"id": "org_9c40dfe3f8d30eb8",
"name": "Scaleway",
"domains": [
"security.scaleway.com",
"scaleway.com"
]
} |
| trust_center | {
"id": "tc_97ceaa0bb95c8ff7",
"name": "Scaleway",
"url": "https://security.scaleway.com",
"host": "security.scaleway.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_a9d0544ac940e068",
"company": "/v1/companies/org_9c40dfe3f8d30eb8",
"trust_center": "/v1/trust-centers/tc_97ceaa0bb95c8ff7",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_a9d0544ac940e068JSON