RediShell (CVE-2025-49844): Securing Your Redis Environments from Critical RCE
CVE-2025-49844, dubbed "RediShell," is a critical remote code execution vulnerability in the popular Redis database. Discovered by security researchers, the flaw arises from a 13-year-old bug in Redis's Lua script replication that leaks unsandboxed variables, allowing attackers to execute arbitrary commands across clustered environments. With a CVSS score near 10, it affects all versions of Redis and poses a serious risk because Redis is used in roughly 75% of cloud environments.
Attackers can exploit misconfigured or internet-exposed Redis instances to run shell commands and pivot deeper into the infrastructure. Administrators should upgrade immediately to the patched versions published by the Redis maintainers and restrict the EVAL and EVALSHA commands to authorised users; until the upgrade is in place, disabling Lua scripting or applying the recommended configuration reduces exposure.
Terra System Labs assists clients in auditing their Redis deployments and implementing best practices to defend against this issue. Our penetration testers help identify exposed instances, misconfigurations, and unauthorised access, while our cloud security teams guide remediation by applying access controls, network segmentation, and continuous monitoring.
Additionally, organisations should:
- Ensure all Redis servers require authentication and are not exposed to the public internet.
- Apply the official updates that address CVE-2025-49844 and test them in staging before production deployment.
- Use firewall rules and virtual private networks to limit who can access Redis and other infrastructure services.
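As an added illustration (not code from Terra System Labs or the Redis project), a small Python audit that reads a constructed redis.conf fragment and flags the three conditions the post tells administrators to fix: listening on every interface, missing authentication, and ACL users still allowed to run EVAL/EVALSHA. The ACL handling is a simplified model of Redis's rule evaluation (assumption: EVAL is covered by @all, @scripting and the auto-assigned @slow category).

```python
# Constructed redis.conf fragment for demonstration, not taken from any real deployment.
SAMPLE_CONF = """
bind 0.0.0.0
protected-mode no
# requirepass left commented out, so the default user is passwordless
user default on nopass ~* &* +@all
user app on >app-secret ~app:* +@read +@write -@dangerous
user admin on >admin-secret ~* &* +@all -@scripting
"""
# Categories whose grant includes EVAL/EVALSHA (modelling assumption: @all, @scripting, @slow).
EVAL_CATEGORIES = {"@all", "@scripting", "@slow"}

def parse_conf(text):
    """Return (directives, users): last value wins per directive; users map name -> ACL rule tokens."""
    directives, users = {}, {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, *rest = line.split()
        if key.lower() == "user" and rest:
            users[rest[0]] = rest[1:]
        else:
            directives[key.lower()] = " ".join(rest)
    return directives, users

def user_can_eval(rules):
    """Apply ACL rules left to right (a later rule overrides an earlier one); report whether EVAL stays allowed."""
    allowed = False
    for rule in rules:
        if rule == "allcommands":
            allowed = True
        elif rule == "nocommands":
            allowed = False
        elif rule[0] in "+-" and rule[1:].lower() in EVAL_CATEGORIES | {"eval", "evalsha"}:
            allowed = rule[0] == "+"
    return allowed

def audit(text):
    """Return findings relevant to RediShell exposure: network reach, missing auth, and who may run EVAL."""
    d, users = parse_conf(text)
    findings = []
    bind = d.get("bind", "0.0.0.0")  # with no bind directive Redis listens on every interface
    if any(a in ("0.0.0.0", "::", "*") for a in bind.split()) and d.get("protected-mode", "yes") == "no":
        findings.append("exposed: listening on all interfaces with protected-mode off")
    if "requirepass" not in d and "nopass" in users.get("default", ["nopass"]):
        findings.append("no-auth: default user has no password")
    for name, rules in users.items():
        if user_can_eval(rules):
            findings.append(f"eval-allowed: user '{name}' can run EVAL/EVALSHA")
    return findings
```

Run `audit(SAMPLE_CONF)` against the sample to see all three findings; the `app` and `admin` users pass the EVAL check because their rules never grant scripting or revoke it after `+@all`.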
By proactively patching and hardening your Redis environments, you can prevent this and future high-severity vulnerabilities from being exploited. Terra System Labs will partner with you to strengthen your databases, protect sensitive data, and maintain uptime even amid emergent threats.