Published: 16/06/2018 Updated: 14/08/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Type confusion in the xgroupCommand function in t_stream.c in redis-server in Redis prior to 5.0 allows remote malicious users to cause denial-of-service via an XGROUP command in which the key is not a stream.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redislabs redis

Type confusion in the xgroupCommand function in t_streamc in redis-server in Redis before 50 allows remote attackers to cause denial-of-service via an XGROUP command in which the key is not a stream ...

# Exploit Title: Redis 50 Denial of Service # Date: 2018-06-13 # Exploit Author: Fakhri Zulkifli (@d0lph1n98) # Vendor Homepage: redisio/ # Software Link: redisio/download # Version: 50 # Fixed on: 50 # CVE : CVE-2018-12453 Type confusion in the xgroupCommand function in t_streamc in redis-server in Redis before 50 allows re ...

Redis version 50 suffers from a denial of service vulnerability ...

CWE-704 https://github.com/antirez/redis/commit/c04082cf138f1f51cedf05ee9ad36fb6763cafc6 https://gist.github.com/fakhrizulkifli/34a56d575030682f6c564553c53b82b5 https://www.exploit-db.com/exploits/44908/https://nvd.nist.gov https://www.exploit-db.com/exploits/44908/https://access.redhat.com/security/cve/cve-2018-12453

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-12453

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect