.. / CVE-2022-0543

Exploit for Redis Lua Sandbox Escape (CVE-2022-0543)

Description:

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.

Proof of Concept

PoC exploit

https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce

Try the exploit in a lab environment:

Lab	Machine	Link
Hack The Box	Shared	Go to Practice

References:

https://nvd.nist.gov/vuln/detail/CVE-2022-0543

.. / CVE-2022-0543 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for Redis Lua Sandbox Escape (CVE-2022-0543)

Description:

Proof of Concept

PoC exploit

Try the exploit in a lab environment:

.. / CVE-2022-0543