Redis Server - Unauthenticated Access

ID: exposed-redis

Severity: high

Author: pdteam

Tags: network,redis,unauth,exposure,tcp

Description

Redis server without any required authentication was discovered.

YAML Source

id: exposed-redis

info:
  name: Redis Server - Unauthenticated Access
  author: pdteam
  severity: high
  description: Redis server without any required authentication was discovered.
  reference:
    - https://redis.io/topics/security
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
    cvss-score: 7.2
    cwe-id: CWE-306
  metadata:
    max-request: 2
  tags: network,redis,unauth,exposure,tcp

tcp:
  - inputs:
      - data: "info\r\nquit\r\n"

    host:
      - "{{Hostname}}"
      - "tls://{{Hostname}}"
    port: 6379,6380
    read-size: 2048

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "redis_version"
      - type: word
        negative: true
        words:
          - "redis_mode:sentinel"
# digest: 4a0a00473045022100dbf685efbfdbf5eaac350c4e156696773d64905ebf11275267acc4f37e7391e402206f3210d5acdc23f5e478d6871928ea7b7a31c4e34be9f724832e81088221391f:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "network/exposures/exposed-redis.yaml"

View on Github