Redishell RCE Vulnerability Exposes 8500 Redis Servers to Remote Attacks

A critical Remote Code Execution (RCE) vulnerability named Redishell has been discovered, exposing over 8,500 Redis servers worldwide to potential cyberattacks. This vulnerability allows attackers to execute arbitrary commands remotely, putting sensitive data and server integrity at significant risk. Redis, a popular in-memory data structure store used by many organizations for caching and real-time analytics, is affected by this flaw due to improper security configurations and lack of authentication in exposed instances. Cybersecurity experts warn that threat actors could exploit Redishell to deploy malware, steal data, or use compromised servers as a foothold for further network infiltration. The vulnerability underscores the importance of securing Redis deployments by implementing strong authentication, network segmentation, and regular patching. Organizations running Redis servers are urged to audit their systems immediately and apply recommended security measures to mitigate potential exploitation. This incident highlights the growing attack surface in cloud and server infrastructure, emphasizing proactive defense strategies in cybersecurity practices.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 30 Oct 2025 16:40:12 +0000


Cyber News related to Redishell RCE Vulnerability Exposes 8500 Redis Servers to Remote Attacks

Patch Now for Redishell Redis RCE - A critical remote code execution vulnerability known as Redishell has been discovered in Redis, a popular in-memory data structure store used widely in cloud environments. This vulnerability allows attackers to execute arbitrary code remotely, posing ...
3 months ago Darkreading.com CVE-2023-38408
Hackers Compromised Over 1,200 Redis Database Servers - A new type of malware, designed to target vulnerable Redis servers on the internet, has been spreading rapidly since September 2021. This is a quick-spreading malware, designed to operate stealthily, that has already infiltrated over a thousand ...
2 years ago Cybersecuritynews.com
Expired Redis Service Abused to Use Metasploit Meterpreter Maliciously - Attackers are using an 8-year-old version of the Redis open-source database server to maliciously use Metasploit's Meterpreter module to expose exploits within a system, potentially allowing for takeover and distribution of a host of other malware. ...
1 year ago Darkreading.com
New HeadCrab Malware Hijacks 1,200 Redis Servers - Since September 2021, over a thousand vulnerable Redis servers online have been infected by a stealthy malware dubbed "HeadCrab", designed to build a botnet that mines Monero cryptocurrency. At least 1,200 servers have been infected by the HeadCrab ...
2 years ago Heimdalsecurity.com
HeadCrab Malware Compromises Over 1,200 Redis Servers Worldwide: New Stealthy Threat Detected - At least 1,200 Redis database servers around the world have been taken over by a dangerous and hard-to-detect threat called HeadCrab since early September 2021. According to Aqua Security researcher Asaf Eitani, this advanced threat actor uses a ...
2 years ago Thehackernews.com
New Migo malware disables protection features on Redis servers - Security researchers discovered a new campaign that targets Redis servers on Linux hosts using a piece of malware called 'Migo' to mine for cryptocurrency. Redis is an in-memory data structure store used as a database, cache, and message broker known ...
1 year ago Bleepingcomputer.com
Redis DoS Vulnerability: Attackers Can Exhaust Server Memory or Cause Crashes - “An unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed,” Redis maintainers explained in their security advisory. “Exposure to this vulnerability requires a Redis ...
8 months ago Cybersecuritynews.com CVE-2025-21605
Cryptomining Malware Infects 1,200 Redis Servers with HeadCrab Botnet - A malicious piece of software known as HeadCrab has infiltrated at least 1,200 Redis servers around the world, according to Aqua Security. Redis servers are designed to be used on secure networks and are vulnerable to unauthorized access if exposed ...
2 years ago Securityweek.com
HeadCrab Malware Infects 1,200 Redis Servers to Mine Monero Cryptocurrency - A new stealthy malware, HeadCrab, designed to hunt down vulnerable Redis servers online has infected over a thousand of them since September 2021. Discovered by Aqua Security researchers Nitzan Yaakov and Asaf Eitani, the malware has so far ensnared ...
2 years ago Bleepingcomputer.com
CVE-2021-21309 - Redis is an open-source, in-memory database that persists on disk. In affected versions of Redis an integer overflow bug in 32-bit Redis version 4.0 or newer could be exploited to corrupt the heap and potentially result in remote code execution. ...
3 years ago
Explore Redis for User Session Management on AWS Elasticache - Just as cities use various systems to keep track of their inhabitants and visitors, web applications rely on user session management to maintain a smooth experience for each person navigating through them. User session management is the mechanism by ...
2 years ago Feeds.dzone.com
New Cryptojacking Attack Exploits Redis Servers - A new cryptojacking attack has been discovered that specifically targets Redis servers, exploiting their vulnerabilities to mine cryptocurrency illicitly. This attack leverages unsecured Redis instances exposed to the internet, allowing attackers to ...
4 months ago Cybersecuritynews.com
CVE-2022-24735 - Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with the (potentially ...
3 years ago
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
2 years ago Esecurityplanet.com
CVE-2025-54472 - Unlimited memory allocation in redis protocol parser in Apache bRPC (all versions < 1.14.1) on all platforms allows attackers to crash the service via network. ...
4 months ago
Redis Servers Vulnerable to Remote Exploitation, Researchers Warn - Recent research has uncovered critical vulnerabilities in Redis servers that could allow remote exploitation by attackers. Redis, a popular in-memory data structure store used widely for caching and message brokering, has been found to have security ...
3 months ago Infosecurity-magazine.com CVE-2024-XXXX
Stealthier version of P2Pinfect malware targets MIPS devices - The latest variants of the P2Pinfect botnet are now focusing on infecting devices with 32-bit MIPS processors, such as routers and IoT devices. Due to their efficiency and compact design, MIPS chips are prevalent in embedded systems like routers, ...
2 years ago Bleepingcomputer.com CVE-2022-0543
CVE-2021-32675 - Redis is an open source, in-memory database that persists on disk. When parsing an incoming Redis Standard Protocol (RESP) request, Redis allocates memory according to user-specified values which determine the number of elements (in the multi-bulk ...
2 years ago
Cisco Routers Exposed to Remote Code Execution (RCE) Attacks: How to Protect Your Network - Protecting networks from remote code execution (RCE) attacks is now more important than ever, as thousands of end-of-life Cisco routers are exposed to these vulnerabilities. On June 10, 2020 research revealed that over 19,000 Cisco devices were still ...
2 years ago Bleepingcomputer.com
ConnectWise urges ScreenConnect admins to patch critical RCE flaw - ConnectWise warned customers to patch their ScreenConnect servers immediately against a maximum severity flaw that can be used in remote code execution attacks. This security bug is due to an authentication bypass weakness that attackers can exploit ...
1 year ago Bleepingcomputer.com
JetBrains warns of new TeamCity auth bypass vulnerability - JetBrains urged customers today to patch their TeamCity On-Premises servers against a critical authentication bypass vulnerability that can let attackers take over vulnerable instances with admin privileges. Tracked as CVE-2024-23917, this critical ...
1 year ago Bleepingcomputer.com CVE-2024-23917 CVE-2023-42793 Andariel APT29
3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online - Over three thousand internet-exposed Apache ActiveMQ servers are vulnerable to a recently disclosed critical remote code execution vulnerability. Apache ActiveMQ is a scalable open-source message broker that fosters communication between clients and ...
2 years ago Bleepingcomputer.com CVE-2023-46604 CVE-2023-4660
Linux Malware Campaign "Migo" Targets Redis For Cryptomining - Security researchers have uncovered a sophisticated malware campaign targeting Redis, a popular data store system. In particular, Cado Security Labs researchers observed that Migo utilizes new Redis system weakening commands to exploit the data store ...
1 year ago Infosecurity-magazine.com
CVE-2018-0252 - A vulnerability in the IP Version 4 (IPv4) fragment reassembly function of Cisco 3500, 5500, and 8500 Series Wireless LAN Controller Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, ...
6 years ago