[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":4,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":11,"vulnerability-27165":17,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":41},[],["Island",5],{"key":6,"params":7,"result":9},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":8},"{}",{"head":10},{},["Island",12],{"key":13,"params":14,"result":15},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":8},{"head":16},{},{"id":18,"detectable_with":19,"vuln_details":26,"vuln_id":38,"name":39,"published":40,"updated":27},27165,{"tool":20,"engine":23},{"id":21,"name":22},1,"Network Scanner",{"id":24,"name":25},2,"Nuclei",{"id":18,"codename":27,"description":27,"severity":28,"risk_description":29,"public_description":30,"public_recommendation":31,"recommendation":27,"references":32,"cvssv3":35,"epss_score":27,"epss_percentile":27,"cve":27,"in_cisa_catalog":36,"date":37,"software_type":27,"vendor":27,"product":27,"ptt_exploit_capabilities":27},null,"high","Running a Redis server with unauthenticated access and exposed to a network\npresents a critical security vulnerability. Unauthorized users can freely\ninteract with the Redis instance, potentially leading to severe consequences\nsuch as the ability to read, modify, or delete any data stored within the\ndatabase, including sensitive application state or cached information.\nFurthermore, Redis functionalities can be abused to achieve remote command\nexecution on the underlying server, allowing attackers to gain control over the\nhosting system. This can be accomplished through techniques like writing files\nto arbitrary locations or executing Lua scripts with malicious intent.\nAdditionally, attackers can perform denial-of-service attacks by overwhelming\nthe server with commands or flushing databases, disrupting applications relying\non Redis. In environments with insufficient network segmentation, a compromised\nRedis instance can also serve as a pivot point for lateral movement to other\nsystems.","This vulnerability exists when a Redis server is configured to accept connections\nwithout requiring any authentication. By default, Redis does not enforce\naccess control. If the Redis instance is bound to a network interface accessible\nto untrusted sources (e.g., the public internet or an insufficiently segmented\ninternal network), malicious actors can establish a connection and interact with\nthe Redis server without any need for usernames, passwords, or other credentials.\nThis lack of access control permits the execution of any Redis command.","We recommend to address the critical risk of unauthenticated Redis access. It is\nimperative to enable authentication. This should be done by configuring a strong\nand unique password using the `requirepass` directive in the Redis configuration\nfile (`redis.conf`). After modifying this setting, the Redis server must be\nrestarted for the changes to take effect. Additionally, it is crucial to ensure\nthat the Redis instance is only accessible from trusted networks or hosts by\nimplementing firewall rules to restrict access to the Redis port (default 6379).\nIdeally, Redis should only be reachable from the application servers that\nrequire it and not directly exposed to the public internet or broader internal\nnetworks. Regularly review network configurations and Redis settings to maintain\nthese security controls.",[33,34],"https://redis.io/docs/latest/operate/oss_and_stack/management/security/","https://owasp.org/www-project-top-ten/2017/A2_Broken_Authentication",7.2,false,"2025-06-23T00:00:00Z","NETSCAN-NUCLEI-DEFAULT-LOGINS-EXPOSED-REDIS","Redis Server - Unauthenticated Access","2025-05-30T00:00:00Z",["Island",42],{"key":43,"params":44,"result":46},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":45},"{\"text-color\":\"gray\"}",{"head":47},{}]