CVE-2025-11953

This repository contains functional exploit code demonstrating CVE-2025-11953, a command injection vulnerability in React Native CLI's Metro Development Server. The PoC includes scripts for various attack scenarios (Windows, PowerShell, Unix) targeting the `/open-url` endpoint.

This repository contains a functional exploit for CVE-2025-11953, a critical command injection vulnerability in React Native Community CLI Metro Development Server. The exploit includes both basic and advanced payloads for achieving remote code execution on Windows, Linux, and macOS systems.

This repository contains a working PoC for CVE-2025-11953, demonstrating an OS command injection vulnerability in the Metro Development Server used by React Native Community CLI. The exploit leverages a vulnerable endpoint to execute arbitrary commands, such as launching 'calc.exe' on Windows.

This repository contains a functional proof-of-concept for CVE-2025-11953, demonstrating an OS command injection vulnerability in React Native CLI's Metro development server via the `/open-url` endpoint. The code includes vulnerable server implementations and exploit tests for research purposes.

This repository contains a functional exploit for CVE-2025-11953, a critical OS command injection vulnerability in React Native Community CLI Metro Development Server. The exploit includes both basic and advanced payloads, demonstrating arbitrary command execution via the unsanitized `open-url` endpoint.