Loading...
[get complete service list]
Port Information
Protocol Service Name
tcp redis Redis
Top IPs Scanning
Today Yesterday
89.248.163.200 (266)164.90.134.127 (454)
101.91.107.40 (201)89.248.163.200 (360)
64.227.21.52 (200)101.91.107.40 (336)
159.223.139.72 (154)185.242.226.51 (166)
164.52.24.182 (78)47.113.186.206 (112)
222.188.79.124 (71)203.25.213.157 (102)
3.14.82.245 (70)64.227.21.52 (85)
115.29.105.57 (63)203.57.229.226 (81)
116.176.75.105 (63)47.93.30.35 (81)
103.164.77.156 (60)8.130.81.112 (76)
Port diary mentions
URL
Anatomy of a Redis mining worm
User Comments
Submitted By Date
Comment
Johannes 2018-05-18 12:09:53
Redis by default allows arbitrary file uploads, which can easily be leveraged to execute code. See http://blog.knownsec.com/2015/11/analysis-of-redis-unauthorized-of-expolit/
Sunny Dhabhai 2013-03-12 13:17:55
Redis Server Port which client can run queries. Default Port Exposed to Internet Could Face Brute Force Attacks. Nmap Brute Force Script For Radis: http://nmap.org/nsedoc/scripts/redis-brute.html
CVE Links
CVE # Description
CVE-2015-8080 Integer overflow in the getnum function in lua_struct.c in Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow.