Rewterz Threat Advisory – CVE-2021-29469 – Node Redis redis module for Node.js denial of service

Rewterz Threat Advisory – Trend Micro HouseCall for Home Networks Vulnerabilities

April 26, 2021

Rewterz Threat Advisory – CVE-2021-30356 – Check Point Identity Awareness Vulnerability

April 26, 2021

Rewterz Threat Advisory – CVE-2021-29469 – Node Redis redis module for Node.js denial of service

Severity

High

Analysis Summary

CVE-2021-29469

By sending specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. Node Redis redis module for Node.js is vulnerable to a denial of service, caused by a regular expression denial of service flaw in monitor mode.

Impact

Denial of Service

Affected Vendors

NodeJs

Affected Products

Node Redis Module For Node.js 2.6.0
Node Redis Module For Node.js 3.1.0

Remediation

Upgrade to the latest version of redis (3.1.1 or later), available from the Node-redis GIT Repository.

Node-redis GIT Repository

Rewterz Threat Advisory – Trend Micro HouseCall for Home Networks Vulnerabilities

Rewterz Threat Advisory – CVE-2021-30356 – Check Point Identity Awareness Vulnerability

Rewterz Threat Advisory – CVE-2021-29469 – Node Redis redis module for Node.js denial of service

Severity

Analysis Summary

CVE-2021-29469

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan