Home > Cyber News > CVE-2022-0543 Used in Attacks Against Redis Servers
CYBER NEWS

CVE-2022-0543 Used in Attacks Against Redis Servers

by   |  Last Update:  |  0 Comments  

CVE-2022-0543 Used in Attacks Against Redis Servers
А recently discovered Redis vulnerability has been used in attacks against servers. According to the official advisory, Redis, a persistent key-value database, due to a packaging issue, is prone to a Debian-specific, Lua sandbox escape. Exploiting the vulnerability could result in remote code execution.

The attack, based on the CVE-2022-0543 flaw, was uncovered by Juniper Threat Labs researchers that report the issue exists in some Redis Debian packages. Apparently, the attack was launched by the same threat actors that targeted Confluence servers, as well as the Log4j exploit.

The payload used in the latest detected malicious campaign is a variant of the known Muhstik bot that can be used to launch DDoS (Distributed Denial-of-Service) attacks.




CVE-2022-0543 Used in Attacks to Deploy the Muhstik Botnet

According to Juniper Labs, the issue existed because the Lua library in some Debian/Ubuntu packages is provided as a dynamic library, with Ubuntu Bionic and Trusty not affected. When the Lua interpreter initializes, the “package” variable is automatically populated, and that in turn permits access to arbitrary Lua functionality, they explained.

It is noteworthy that the Muhstik botnet has been observed utilizing a number of exploits, including CVE-2017-10271 and CVE-2019-2725 in Oracle WebLogic Server, CVE-2018-7600 in Drupal, CVE-2021-26084 in Atlassian, and CVE-2021-44228 in Apache, known as the Log4j (Log4Shell) exploit.

Google recently said that more than 35,000 Java packages were impacted by the Log4j vulnerabilities, “with widespread fallout across the software industry.” This amounted to more than 8% of the Maven Central repository, which is considered the most significant Java package repository.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Related posts:
  1. muhstik Virus (.muhstik File) – How to Remove It The .muhstik virus is a ransomware that is currently set...
  2. Adobe Patches 112 Vulnerabilities in Latest Patch Package (CVE-2018-5007) Adobe has released the latest patch package that addresses a...
  3. DDG Monero Mining Botnet Targets Redis and OrientDB Servers A new botnet carrying out large-scale attacks has been discovered...
  4. The Best Linux Server Distributions in 2017 Gnu/Linux is one of the leading server operating systems due...
  5. .java Files Virus (Dharma Ransomware) – Remove and Restore Files This article aims to help you remove the newly discovered...
  6. Ubuntu Touch OS – Is it Secure Enough and Should You Use It Ah if it isn’t the IT geek’s favorite OS –...
  7. 35,000 Java Packages Affected by Log4j Exploit, Google Says 35,000 Java Packages Impacted by the Log4j Vulnerabilities Google says...
  8. Ubuntu Local Authorization Bypass Bug Likely to Never Be Fixed? It was just reported that a bug filed on Ubuntu...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree