Redis warns of critical flaw impacting thousands of instances

The Redis security team has released patches for a maximum severity vulnerability that could allow attackers to gain remote code execution on thousands of vulnerable instances.
Dark Reading

Patch Now: 'RediShell' Threatens Cloud Via Redis RCE

"This flaw allows a post auth attacker to send a specially crafted malicious Lua script (a feature supported by default ... enabling them to exfiltrate, wipe, or encrypt sensitive data, hijack ...

Ancient, critical "RediShell" bug menaces thousands of servers

"Given that Redis is used in an estimated 75 percent of cloud environments, the potential impact is extensive," Wiz said. Wiz ...