## https://sploitus.com/exploit?id=192DFABD-EC58-593A-9EF8-C015D0EA0639
PoC exploit for CVE-2025-49844, a high-risk vulnerability in Redis database, known as "RediShell", caused by a use-after-free flaw in the Lua interpreter. The vulnerability allows an unauthenticated attacker or an attacker with Redis access to trigger memory corruption by crafting a Lua script, potentially leading to remote code execution (RCE), sandbox evasion, or server control.
The vulnerability affects Redis versions below 7.2.11, 7.4.6, 8.0.4, and 8.2.2. The primary entry point is the Redis Lua interpreter, and the probable execution context is a Redis server. The run method is not specified.
Preconditions for exploitation include a vulnerable Redis version and configuration. Expected impact includes remote code execution, sandbox evasion, and server control. Observable network artifacts include abnormal Lua script execution or connection behavior.