
Zer0E

#44411 of 53,635
5.9 total CVSS
Vulnerabilities · 1
PT-2023-12146
5.9
2023-07-15
Redis · Redis · CVE-2021-31294
**Name of the Vulnerable Software and Affected Versions**

Redis versions prior to 6.2

Redis versions prior to 6cbea7d

**Description**

The issue allows a replica to cause an assertion failure in a primary server by sending a non-administrative command, specifically a SET command. This was fixed for Redis 6.2.x and 7.x in 2021. Versions before 6.2 were not intended to have safety guarantees related to this.

**Recommendations**

For Redis versions prior to 6.2, update to version 6.2 or later to resolve the issue.

For Redis versions prior to 6cbea7d, update to a version that includes the fix for this issue.

As a temporary workaround, consider restricting the use of the SET command from replicas to minimize the risk of exploitation.