Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that could result in remote code execution under certain circumstances.
The vulnerability, tracked as CVE-2025-49844 (aka RediShell), has been assigned a CVSS score of 10.0.
"An authenticated user may use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free, and potentially lead to remote code execution," according to a GitHub advisory for the issue. "The problem exists in all versions of Redis with Lua scripting."
However, for exploitation to be successful, it requires an attacker to first gain authenticated access to a Redis instance, making it crucial that users don't leave their Redis instances exposed to the internet and secure them with strong authentication.
The issue impacts all versions of Redis. It has been addressed in versions 6.2.20, 7.2.11, 7.4.6, 8.0.4, and 8.2.2 released on October 3, 2025.
As temporary workarounds until a patch can be applied, it's advised to prevent users from executing Lua scripts by setting an access control list (ACL) to restrict EVAL and EVALSHA commands. It's also crucial that only trusted identities can run Lua scripts or any other potentially risky commands.
Cloud security company Wiz, which discovered and reported the flaw to Redis on May 16, 2025, described it as a use-after-free (UAF) memory corruption bug that has existed in the Redis source code for about 13 years.
It essentially permits an attacker to send a malicious Lua script that leads to arbitrary code execution outside of the Redis Lua interpreter sandbox, granting them unauthorized access to the underlying host. In a hypothetical attack scenario, it can be leveraged to steal credentials, drop malware, exfiltrate sensitive data, or pivot to other cloud services.
"This flaw allows a post auth attacker to send a specially crafted malicious Lua script (a feature supported by default in Redis) to escape from the Lua sandbox and achieve arbitrary native code execution on the Redis host," Wiz said. "This grants an attacker full access to the host system, enabling them to exfiltrate, wipe, or encrypt sensitive data, hijack resources, and facilitate lateral movement within cloud environments."
While there is no evidence that the vulnerability was ever exploited in the wild, Redis instances are a lucrative target for threat actors looking to conduct cryptojacking attacks and enlist them in a botnet. As of writing, there are about 330,000 Redis instances exposed to the internet, out of which about 60,000 of them lack any authentication.
"With hundreds of thousands of exposed instances worldwide, this vulnerability poses a significant threat to organizations across all industries," Wiz said. "The combination of widespread deployment, default insecure configurations, and the severity of the vulnerability creates an urgent need for immediate remediation."
