CVE-2025-55182

The repository contains a Python-based scanner for detecting CVE-2025-55182 and CVE-2025-66478 in Next.js applications using React Server Components. It includes both RCE proof-of-concept payloads and safe side-channel detection methods, with features for WAF bypass and Windows compatibility.

This PoC demonstrates a prototype pollution vulnerability in React Server Functions (e.g., Next.js) leading to RCE via insecure deserialization in the React Flight Protocol. The exploit leverages prototype chain manipulation and a crafted thenable object to achieve arbitrary code execution during deserialization.

This repository contains proof-of-concept exploits for CVE-2025-55182, targeting a vulnerability in React/Next.js applications. The exploit leverages a prototype pollution or deserialization flaw to achieve remote code execution (RCE) by manipulating form data and promise chains.

This repository contains a working proof-of-concept exploit for CVE-2025-55182, a critical RCE vulnerability in React's Flight Protocol. The exploit chains path traversal, fake chunk injection, and $B handler abuse to achieve remote code execution via Function(attacker_code).

This repository contains a Chrome extension for detecting React Server Components (RSC) and Next.js App Router fingerprints, including both passive and active detection methods. It also includes an exploit for a remote code execution (RCE) vulnerability (CVE-2025-55182) via a crafted multipart/form-data payload.

This repository contains a Chrome extension and auxiliary tools designed to detect and fingerprint React Server Components (RSC) and Next.js applications for CVE-2025-55182. It includes passive detection, active fingerprinting, and a Shodan scanner for identifying potentially vulnerable hosts.

This repository contains a functional exploit scanner for CVE-2025-55182, a React Server Components RCE vulnerability in Next.js applications. The script crafts a malicious multipart form request to execute arbitrary commands on vulnerable systems.

This is a functional exploit for CVE-2025-55182 targeting Next.js App Router. It includes detection logic and two exploitation modes (standard and UTF-16LE WAF bypass) to achieve remote code execution via prototype pollution and multipart form data manipulation.

This repository contains a Go-based exploit tool for CVE-2025-55182, targeting a Next.js RCE vulnerability. It includes multiple exploitation chains, WAF bypass techniques, and post-exploitation features like file management and memory shell injection.

This repository contains a scanner for CVE-2025-55182, a critical RCE vulnerability in React Server Components (RSC). The scanner detects exposed RSC endpoints and identifies potential attack surfaces, including WAF bypass techniques.

This repository contains a functional exploit for CVE-2025-55182, which injects a Godzilla memory shell into a vulnerable Node.js application via prototype pollution and deserialization. The exploit establishes a persistent backdoor accessible via a custom HTTP header.

This repository contains a Go-based GUI tool for exploiting CVE-2025-55182 in Next.js, featuring RCE, file management, and memory shell injection capabilities. It integrates with tools like Godzilla and AntSword for post-exploitation.

This repository contains a functional proof-of-concept exploit for CVE-2025-55182, a critical pre-authentication remote code execution vulnerability in React Server Components ([email protected]). The exploit leverages prototype chain pollution to achieve arbitrary command execution via a crafted multipart/form-data payload.

This repository provides a minimal intentionally vulnerable Next.js environment to test security scanners against CVE-2025-55182, a pre-authentication RCE vulnerability in React Server Components. It includes a working exploit payload demonstrating command execution via unsafe deserialization.

This repository contains a functional proof-of-concept exploit for CVE-2025-55182, a critical Remote Code Execution (RCE) vulnerability in React Server Components (RSC) and Next.js App Router. The exploit leverages prototype pollution in React's Flight protocol to achieve arbitrary code execution via crafted multipart POST requests.

This repository contains a functional proof-of-concept exploit for CVE-2025-55182, a critical arbitrary code execution vulnerability in React Server Components (RSC) due to improper validation in the `requireModule` function. The exploit leverages prototype chain pollution to access the global `Function` constructor and execute arbitrary code via crafted Flight payloads.

This repository contains a security scanner for CVE-2025-55182, a critical unauthenticated Remote Code Execution vulnerability in React Server Components. The scanner identifies vulnerable dependencies and endpoints without exploiting the vulnerability.

This repository contains a functional exploit for CVE-2025-55182, targeting a prototype pollution vulnerability in Next.js React Server Components to achieve remote code execution (RCE). The exploit supports both direct command execution and reverse shell payloads, with a lab environment for testing.

This repository contains a Python-based exploit for CVE-2025-55182, a critical RCE vulnerability in Next.js applications using React Server Components. The exploit leverages prototype pollution in the Flight protocol deserialization process to achieve arbitrary code execution.

RSC Hunter is a multi-threaded scanner designed to detect and exploit React Server Component (RSC) vulnerabilities using multiple strategies (Assetnote, Msanft, Split Payload, Vercel). It supports WAF bypass techniques, proxy routing, and CSV export for reporting.

This repository is a detailed writeup explaining CVE-2025-55182, a critical vulnerability in React's Flight Protocol. It provides a step-by-step breakdown of the exploit chain, referencing React internals and community PoCs.

React2Shell Toolbox is a security testing toolkit built with Electron and Vue 3, designed to detect and exploit the Next.js React Server Actions prototype pollution vulnerability (CVE-2025-55182). It includes features for POC verification, virtual terminal interaction, and FOFA asset search.

The repository contains only a README file with minimal information, lacking any exploit code or technical details. It appears to be a placeholder or stub for a WAF bypass related to CVE-2025-55182.

This repository provides a commercial PoC for CVE-2025-55182 (React2Shell), a critical RCE vulnerability in Next.js applications using React Server Components. The exploit leverages prototype pollution and deserialization flaws to achieve unauthenticated command execution.

This repository contains a Python-based exploit for CVE-2025-55182, which appears to be an RCE vulnerability. The script includes functionality for command execution and DNS interaction checking via Interactsh for verification.

This repository contains a Burp Suite extension for detecting and exploiting CVE-2025-55182, a Next.js RCE vulnerability. It includes passive scanning, DNSLog detection via Burp Collaborator, and memory shell injection capabilities.

This is a Burp Suite extension designed to scan for CVE-2025-55182, a Remote Code Execution (RCE) vulnerability in Next.js React Server Components (RSC). It sends a crafted multipart request to trigger a server crash and checks for a specific error signature to confirm vulnerability.

This repository contains a functional Python-based exploit for CVE-2025-55182, targeting Next.js Server Actions. The exploit provides an interactive shell with features like command history, file transfer, and privilege escalation via a base64-encoded payload and sudo injection.

This repository contains a functional proof-of-concept exploit for CVE-2025-55182, targeting a React Server Components vulnerability to achieve remote code execution (RCE). The exploit crafts a malicious multipart request to inject and execute arbitrary commands via prototype pollution and server-side JavaScript execution.

This repository contains a Python-based scanner tool designed to detect React Server Components (RSC) and Next.js applications by analyzing HTTP responses for specific patterns in HTML content and headers. It is not an exploit but a detection utility for fingerprinting web technologies.

This repository contains a comprehensive toolkit for detecting and exploiting CVE-2025-55182 and CVE-2025-66478, which are critical RCE vulnerabilities in React Server Components and Next.js. It includes Nuclei templates, a Shodan scanner, a Bash exploit script, and a Burp Suite extension.

This repository contains a Python-based exploit for CVE-2025-55182, targeting a prototype pollution vulnerability in a React-based application. The exploit includes payloads for RCE, WAF bypass techniques, and a scanner to detect vulnerable instances.

This repository contains a functional Python-based exploit for CVE-2025-55182, a deserialization vulnerability in Next.js/React Server Components. It provides an interactive shell for remote command execution, vulnerability detection, and file transfer capabilities.

This repository contains a functional proof-of-concept for CVE-2025-55182, demonstrating a critical RCE vulnerability in React Server Components via unsafe deserialization. It includes a vulnerable Next.js application and an exploit script (`curl_id.sh`) to test the vulnerability.

ReactGuard is a framework and vulnerability detection tool for CVE-2025-55182 (React2Shell) and related CVEs, targeting React Server Components implementations. It provides both CLI and Python API interfaces for scanning and identifying vulnerabilities in Next.js, Waku, and other frameworks.

This repository contains a functional PoC for CVE-2025-55182, a critical RCE vulnerability in React Server Components due to unsafe deserialization. The tool supports both detection and exploitation modes, including interactive and reverse shell capabilities.

This repository contains a functional proof-of-concept exploit for CVE-2025-55182, a critical pre-authentication remote code execution vulnerability in React Server Components. The exploit leverages unsafe deserialization and prototype pollution to execute arbitrary JavaScript code on the server.

This repository contains a browser-based scanner for detecting CVE-2025-55182 (React RSC RCE) and CVE-2025-66478 (Next.js RSC RCE) in GitHub repositories. It checks package.json files for vulnerable versions of React and Next.js packages.

This is a functional exploit for CVE-2025-55182, targeting a prototype pollution vulnerability in React Server Components. It achieves RCE by polluting Object.prototype.then and leveraging the Function constructor to execute arbitrary commands via spawnSync.

This repository contains a functional SQL injection exploit for WordPress Quiz Maker (CVE-2025-10042), demonstrating time-based blind SQLi via crafted HTTP headers. The PoC includes methods for vulnerability detection, data extraction, and credential dumping.

This is a Python-based PoC for CVE-2025-55182, exploiting a deserialization vulnerability in Next.js applications using React Server Components (RSC) to achieve remote code execution (RCE). The tool crafts a malicious payload that abuses RSC deserialization to execute arbitrary commands on the target system.

This repository contains a functional exploit for CVE-2025-55182, a React Server RCE vulnerability. The PoC leverages React Server Components (RSC) features to bypass WAF detection and achieve remote code execution in React Server environments.

This repository contains a Nuclei template for detecting React2Shell vulnerabilities (CVE-2025-55182 and CVE-2025-66478). It appears to be a detection tool rather than an exploit PoC.

This repository contains a comprehensive toolkit for CVE-2025-55182, a critical pre-authentication RCE vulnerability in React Server Components (versions 19.0.0-19.2.0). It includes a standalone exploit script, Nuclei templates, a web UI, and a vulnerable test environment for educational and authorized testing purposes.

This is a Burp Suite extension designed to detect CVE-2025-55182 by analyzing HTTP requests and responses. It includes payload generation and vulnerability detection logic, but the full exploit details are truncated.

This repository is a curated list of resources regarding CVE-2025-55182, a critical Remote Code Execution (RCE) vulnerability in React Server Components known as 'React2Shell'. It includes links to official documentation, technical analyses, detection tools, and exploitation proofs of concept.

React2Shell is a Python-based exploitation framework for CVE-2025-55182, targeting a pre-authentication RCE vulnerability in Next.js/React Server Functions via prototype pollution in React Flight Protocol deserialization. The tool includes scanning, exploitation, and post-exploitation modules with WAF evasion and stealth features.

This repository provides a detailed technical analysis of CVE-2025-55182, a critical unauthenticated RCE vulnerability in React Server Components. It includes affected versions, mitigation steps, and references to external PoC and scanner tools.

This repository contains a comprehensive toolkit for scanning and exploiting CVE-2025-55182, a critical RCE vulnerability in React Server Components (RSC) frameworks like Next.js, Waku, and React Router. It includes CLI tools, browser extensions, lab environments, and Nuclei templates for detection and exploitation.

This repository contains a Python-based scanner for CVE-2025-55182, which targets Next.js applications. It uses the Zoomeye API to search for vulnerable targets and includes functionality for parallel scanning and reporting.

This is a Python-based exploit for CVE-2025-55182, targeting a prototype pollution vulnerability in Next.js/React applications to achieve remote code execution (RCE). The exploit uses async HTTP requests to send a crafted payload that leverages JavaScript prototype pollution to execute arbitrary commands via Node.js's child_process module.

This repository contains a functional proof-of-concept exploit for CVE-2025-55182, demonstrating unauthenticated remote code execution (RCE) in React Server Components via unsafe deserialization in the Flight protocol. The exploit leverages prototype pollution to execute arbitrary commands on vulnerable React/Next.js applications.

This is a README file describing a tool for exploiting a remote code execution vulnerability in React Server Components and Next.js. It provides detailed instructions on usage, affected versions, and attack modes.

This repository contains a deliberately vulnerable Next.js banking application designed to demonstrate CVE-2025-55182 (React) and CVE-2025-66478 (Next.js), which involve insecure deserialization in the RSC Flight protocol. The app is configured with unpatched React 19.0.0 and Next.js 15.0.3 to allow testing of React2Shell vulnerabilities.

This repository contains a Python script designed to detect whether a website uses React Server Components (RSC) or Next.js by checking for specific HTML markers, content types, and headers. It is not an exploit but a detection tool for identifying potential targets affected by CVE-2025-55182 and CVE-2025-66478.

This repository contains a Python-based scanner designed to detect React Server Components (RSC) and Next.js applications by analyzing HTTP responses for specific patterns and headers. It is not an exploit but a reconnaissance tool for fingerprinting web technologies.

This repository contains a Go-based PoC for CVE-2025-55182, a critical RCE vulnerability in React Server Components (Flight protocol) affecting specific versions of Next.js and react-server-dom-webpack. The exploit leverages prototype pollution in Flight protocol deserialization to achieve arbitrary code execution.

This repository contains a working proof-of-concept exploit for CVE-2025-55182, targeting a vulnerability in Next.js and React Server Components (RSC). The exploit includes both a scanner for detecting vulnerable instances and a script for achieving remote code execution (RCE) via crafted multipart POST requests.

This repository contains a functional proof-of-concept exploit for CVE-2025-55182, targeting prototype pollution in React Server Components (RSC) in Next.js and Vite. The exploit achieves remote code execution (RCE) by crafting malicious multipart form data payloads.

This is a functional PoC for CVE-2025-55182, exploiting an unsafe deserialization flaw in React Server Components (RSC) to achieve remote code execution (RCE) via crafted Flight protocol chunks. The exploit leverages prototype pollution and Function constructor access to execute arbitrary commands on the server.

This repository contains a scanner and exploit PoC for CVE-2025-55182 and CVE-2025-66478, which are unauthenticated RCE vulnerabilities in React Server Components (RSC) and Next.js. The scanner detects vulnerable dependencies, while the exploit demonstrates command execution on affected systems.

This repository provides a working proof-of-concept exploit for CVE-2025-55182, demonstrating a header bypass technique to achieve remote code execution (RCE) in Next.js applications without requiring the 'Next-Action' header, thus evading WAF detection.

This repository contains a Python-based mass exploit scanner for CVE-2025-55182, a critical RCE vulnerability in React Server Components (RSC) due to insecure deserialization. The exploit leverages crafted HTTP requests to execute arbitrary commands via prototype pollution and child_process.execSync.

This repository contains a proof-of-concept exploit for CVE-2025-55182, a critical pre-authentication Remote Code Execution (RCE) vulnerability in React Server Components (RSC) Flight protocol. The exploit leverages insecure deserialization to achieve prototype pollution and execute arbitrary commands on vulnerable Next.js applications.

This repository contains a passive scanner for detecting Next.js applications vulnerable to React2Shell-style exploits (CVE-2025-55182). It fingerprints Next.js and React Server Components (RSC) and sends a benign React Flight payload to check for vulnerability without executing OS commands.

This repository contains a scanner tool for detecting CVE-2025-55182 and CVE-2025-66478 vulnerabilities in React and Next.js projects using React Server Components (RSC). It scans for vulnerable package versions and RSC usage patterns.

This repository contains a functional PoC for CVE-2025-55182 (React2Shell), a prototype pollution vulnerability in Next.js Server Actions leading to RCE. The exploit sends a crafted multipart/form-data payload to trigger deserialization flaws and checks for RCE indicators in the response.

This repository contains a Python-based PoC exploit for CVE-2025-55182, targeting misconfigured React Server Components or Next.js applications. The tool allows command execution via a crafted request and includes features like WAF bypass techniques and safe check mode.

This repository contains a functional proof-of-concept for CVE-2025-55182, a critical deserialization vulnerability in React Server Components affecting React 19.x and Next.js 15.x-16.x. The exploit demonstrates remote code execution via crafted Flight protocol payloads.

This repository contains a functional proof-of-concept exploit for CVE-2025-55182, targeting a deserialization vulnerability in Next.js applications using React Server Components. The exploit allows remote code execution through crafted POST requests with malicious payloads.

This exploit targets a Next.js application vulnerability (CVE-2025-55182) by leveraging prototype pollution and server-side JavaScript injection to achieve remote command execution (RCE). The payload manipulates the Next.js request handling to execute arbitrary commands via child_process.execSync.

This is a functional exploit for CVE-2025-55182, targeting a deserialization vulnerability in Next.js React Server Components (RSC). The PoC constructs a malicious payload to achieve remote code execution (RCE) via JavaScript injection, leveraging prototype pollution and multipart form data.

This repository contains a working proof-of-concept exploit for CVE-2025-55182, targeting a prototype pollution vulnerability in React 19 Server Components with Next.js. The exploit leverages malformed FormData to achieve arbitrary code execution via deserialization flaws.

This is a detailed technical writeup analyzing CVE-2025-55182, a critical vulnerability in Next.js and React, leading to unauthenticated RCE via prototype traversal and Blob deserialization sink exploitation.

This repository contains a Python-based proof-of-concept (PoC) scanner for CVE-2025-55182, demonstrating a command injection vulnerability via a JSON-based POST request. The tool allows security researchers to verify vulnerability by sending commands and retrieving execution output.

This is a functional exploit for CVE-2025-55182, targeting a Next.js application vulnerability that allows remote code execution (RCE) via prototype pollution and server-side JavaScript injection. The script includes both a vulnerability scanner and an interactive shell for post-exploitation.

This repository contains a functional proof-of-concept exploit for CVE-2025-55182, demonstrating remote code execution (RCE) in React Server Components, including Next.js with the App Router. The exploit crafts a malicious multipart form request to trigger arbitrary command execution via prototype pollution and server-side rendering manipulation.

This repository contains a proof-of-concept exploit for CVE-2025-55182, a critical deserialization vulnerability in React Server Components (RSC) leading to unauthenticated remote code execution (RCE). The exploit leverages unsafe deserialization in the React Flight protocol to achieve arbitrary JavaScript execution via prototype chain manipulation.

This repository contains a Burp Suite extension designed to scan for CVE-2025-55182, a React RCE vulnerability. The tool captures URLs, applies filters, and checks for vulnerability indicators like 'digest' in responses.

This repository contains a functional proof-of-concept exploit for CVE-2025-55182, a critical pre-authentication RCE vulnerability in React Server Components (RSC) Flight protocol due to insecure deserialization. The exploit leverages prototype pollution to achieve arbitrary command execution on vulnerable Next.js applications.

This repository contains a Chrome extension PoC for exploiting CVE-2025-55182, targeting Next.js and React Server Components (RSC) with RCE, source leak, and DoS capabilities. The exploit leverages deserialization vulnerabilities to execute arbitrary commands via crafted JSON payloads.

This repository contains a working PoC for CVE-2025-55182, a critical unauthenticated RCE vulnerability in React Server Components and Next.js App Router due to a missing hasOwnProperty check in Flight protocol deserialization.

This repository provides a Dockerized CTF challenge simulating CVE-2025-55182, a critical RCE vulnerability in React Server Components. The exploit leverages malicious JSON payloads to achieve arbitrary code execution via the `eval()` function.

This repository contains a Chrome extension designed to detect React Server Components (RSC) and Next.js App Router fingerprints. It includes passive and active detection methods but does not contain exploit code for CVE-2025-55182.

This repository contains a Proof of Concept (PoC) for CVE-2025-55182, a critical Remote Code Execution (RCE) vulnerability in React Server Components (RSC) due to insecure deserialization. The toolkit includes a browser extension for detection and exploitation, a proxy server to bypass CORS, and a Shodan scanner for identifying vulnerable hosts.

RscScan is a professional cross-platform vulnerability scanner designed to detect CVE-2025-55182, a critical Remote Code Execution (RCE) vulnerability in Next.js Server Actions caused by prototype pollution. The tool provides multi-threaded scanning, real-time progress tracking, and multiple export formats for results.

This repository contains a Chrome extension PoC for CVE-2025-55182, targeting Next.js App Router RSC deserialization vulnerabilities. It includes passive/active scanning and a 1-click RCE exploit via prototype pollution in multipart payloads.

This repository provides a Python-based scanner for detecting indicators of compromise (IoCs) related to CVE-2025-55182, a React Server Components RCE vulnerability. It checks for filesystem artifacts, suspicious processes, systemd services, cron entries, and JavaScript XOR injection patterns.

This repository contains a Chrome extension for detecting React2Shell vulnerabilities (CVE-2025-55182 & CVE-2025-66478) by sending safe payloads to target URLs and analyzing responses. It is a reimplementation of the Assetnote react2shell-scanner as a browser extension.

This repository contains a functional exploit for CVE-2025-55182, a pre-authentication RCE vulnerability in React Server Components (versions 19.0.0-19.2.0) due to unsafe deserialization in Server Function endpoints. The exploit crafts a malicious payload to execute arbitrary commands via child_process.execSync.

This repository contains a functional exploit for CVE-2025-55182, a critical RCE vulnerability in Next.js applications. It includes a Python-based exploit script, Docker-based vulnerable lab, and Burp Suite/Nuclei templates for validation.

This repository contains a GUI-based exploit tool for CVE-2025-55182, a critical RCE vulnerability in React Server Components (RSC) and Next.js. The exploit leverages crafted HTTP requests to execute arbitrary commands on vulnerable servers.

This repository contains a Go-based PoC for CVE-2025-55182, a Next.js RCE vulnerability exploiting unsafe deserialization in React Server Components (RSC). The exploit crafts a malicious multipart/form-data request to execute arbitrary commands via child_process.execSync.

This repository contains a working proof-of-concept exploit for CVE-2025-55182, targeting a prototype pollution vulnerability in Next.js 15.4.7. The exploit leverages a malicious multipart form request to achieve remote code execution (RCE) via JavaScript prototype manipulation.

The repository contains a scanner for detecting CVE-2025-55182 and CVE-2025-66478, which are deserialization RCE vulnerabilities in React Server Components and Next.js Server Actions. The scanner includes version fingerprinting and out-of-band RCE confirmation via DNS/HTTP callbacks.

This repository contains a functional proof-of-concept exploit for CVE-2025-55182, a React2Shell vulnerability involving unsafe deserialization in React. The exploit leverages prototype pollution to achieve remote code execution (RCE) via a crafted multipart/form-data payload.

This is a functional exploit for CVE-2025-55182, targeting an SSRF/RCE vulnerability in React/NextJS applications using the experimental-form feature. The PoC sends crafted multipart form data to trigger remote code execution via Node.js child_process module.

This repository contains a scanner for detecting exposure to CVE-2025-55182, a React Server Components (RSC) remote code execution vulnerability. The scanner sends HTTP requests with specific headers to probe for RSC endpoints and analyzes responses for indicators of vulnerability.

This repository contains a scanner for detecting systems vulnerable to CVE-2025-55182, a critical unauthenticated remote code execution vulnerability in React Server Components (RSC) Flight protocol. The scanner uses passive fingerprinting and protocol probing to identify potentially vulnerable systems without attempting exploitation.

This repository contains a functional exploit PoC for CVE-2025-55182, demonstrating a prototype chain vulnerability in React Server Components that leads to remote code execution (RCE). The exploit leverages improper property access in the `requireModule` function, allowing attackers to execute arbitrary JavaScript via modules like `vm`, `child_process`, and `fs`.

This is a Firefox extension designed to detect React2Shell vulnerabilities (CVE-2025-55182 & CVE-2025-66478) by passively monitoring and actively probing for indicators in web applications. It includes WAF detection and manual command execution for authorized testing.

This repository contains documentation for CVE-2025-55182 (React2Shell), providing details in both web and PDF formats. No exploit code is present, only references to external documentation.

This repository contains a Python-based exploit for CVE-2025-55182, targeting a Remote Code Execution (RCE) vulnerability in React Server Components (RSC). The exploit supports multiple techniques, payload generation, and evasion features.

The repository contains a functional exploit for CVE-2025-15158, demonstrating an authenticated arbitrary file upload vulnerability in the WordPress WP Enable WebP plugin (≤1.0). The PoC includes a Python script that logs in, retrieves a nonce, and uploads a malicious file bypassing extension checks.

This repository contains a Java-based GUI tool for detecting and exploiting CVE-2025-55182, a command injection vulnerability in Next.js. The tool supports vulnerability scanning, command execution, memory shell injection, and reverse shell functionality.

This repository provides a command-line tool for detecting and exploiting CVE-2025-55182, a prototype pollution vulnerability in Next.js applications using React Server Components. The tool allows for remote command execution via crafted HTTP POST requests with multipart/form-data.

This repository provides a GUI-based security assessment tool for testing Next.js applications against CVE-2025-55182. It includes features for vulnerability identification, patch verification, and detailed reporting, with built-in safeguards to prevent misuse.

This repository contains a scanner for CVE-2025-55182 (React2Shell), a critical RCE vulnerability in React Server Components. The scanner detects vulnerable React 19.x versions, framework configurations, and Server Function usage.

The repository contains a scanner for detecting RCE vulnerabilities in React Server Components (RSC) and Next.js applications, specifically targeting CVE-2025-55182 and CVE-2025-66478. It includes both safe side-channel detection and RCE PoC capabilities with dynamic command result extraction.

This repository contains a proof-of-concept exploit for CVE-2025-55182, a critical RCE vulnerability in React Server Components (RSC) affecting React 19.x and Next.js. The exploit leverages prototype chain manipulation via `requireModule()` to achieve remote code execution.

This PoC demonstrates a remote code execution (RCE) vulnerability in React Server Components, specifically targeting Next.js applications using the App Router. It exploits a deserialization flaw in vulnerable versions of react-server-dom packages to execute arbitrary commands via crafted multipart form data.

This is a functional Proof of Concept (PoC) for CVE-2025-66478, exploiting a prototype pollution vulnerability in Next.js Server Components to achieve Remote Code Execution (RCE) via crafted multipart/form-data payloads.

This repository contains a fully functional exploit for CVE-2025-55182 (React2Shell), demonstrating unauthenticated Remote Code Execution (RCE) in React Server Components and Next.js via prototype pollution and insecure deserialization. The exploit includes a Go-based interactive shell and a deliberately vulnerable Next.js server for testing.

This repository is a vulnerable web application lab designed to demonstrate CVE-2025-55182 (React) and CVE-2025-66478 (Next.js), which involve insecure deserialization in the RSC Flight protocol leading to potential RCE. It provides a Docker-based environment for testing and understanding the vulnerability.

This repository contains a functional Proof of Concept (PoC) exploit for CVE-2025-55182, a critical remote code execution (RCE) vulnerability in React Server Components (React 19 / Next.js). The exploit leverages prototype pollution and redirect smuggling to execute arbitrary commands on vulnerable servers.

This repository contains a hybrid security scanner for CVE-2025-55182, designed to perform static and dynamic analysis on Next.js/Waku applications to detect vulnerabilities related to React Server Components (RSC). The tool checks for vulnerable dependencies and unsafe RSC patterns without executing harmful payloads.

This is a Firefox extension designed to detect and exploit CVE-2025-55182, a prototype pollution vulnerability in Next.js React Server Actions that leads to Remote Code Execution (RCE). The extension automates scanning, command execution, and bulk scanning of targets.

This PoC exploits CVE-2025-55182, an unauthenticated RCE vulnerability in the react-server package used by React Server Components (RSC). It leverages prototype pollution and server-side JavaScript execution to achieve command injection via a crafted payload sent to the target endpoint.

This repository contains a Python-based scanner and exploitation toolkit targeting React/Spring/GraphQL stacks, specifically designed to exploit CVE-2025-55182 and CVE-2025-66478. It includes payloads for command execution, WAF evasion techniques, and multi-mode CLI functionality for scanning and direct exploitation.

This repository contains a scanner for CVE-2025-55182, a critical RCE vulnerability in React Server Components and Next.js. The scanner checks for the presence of the vulnerability by sending crafted payloads and analyzing HTTP responses.

This repository contains a functional exploit PoC for CVE-2025-55182, targeting a critical RCE vulnerability in Next.js React Server Components. The script includes WAF bypass techniques and supports various customization options for testing.

This repository contains a Python-based scanner and exploit tool for CVE-2025-55182, targeting Next.js React Server Components (RSC). It includes fingerprinting, safe probing, PoC confirmation via redirect-based side-channel, and optional RCE exploitation with command injection or interactive shell.

This repository contains a GUI-based scanner tool designed to detect and demonstrate the React Server Components RCE vulnerability (CVE-2025-55182) in Next.js applications. It automates the exploitation process by constructing malicious payloads and analyzing server responses.

This repository contains a Python-based exploit for CVE-2025-55182, targeting a Node.js Prototype Pollution vulnerability to achieve Remote Code Execution (RCE) via a reverse shell. The exploit leverages a crafted payload to trigger `execSync` and establish a Netcat reverse shell connection.

This repository contains a non-intrusive vulnerability scanner for detecting CVE-2025-55182 and CVE-2025-66478 in React Server Components (RSC) implementations. It uses benign payloads to test for insecure deserialization vulnerabilities without executing malicious code.

This repository contains a working proof-of-concept exploit for CVE-2025-55182, demonstrating an RCE vulnerability in React Server Components due to unsafe deserialization of attacker-controlled payloads. The PoC includes HTTP requests that trigger arbitrary command execution via crafted multipart form data.

This repository contains a functional PoC tool (React2Shell) for testing CVE-2025-55182, a critical RCE vulnerability in Next.js Server Actions. The tool includes vulnerability detection, interactive shell, file operations, and system information gathering capabilities.

This repository contains a Chrome extension that detects vulnerable versions of Next.js by injecting a script to check `next.version` and alerting users if the site is vulnerable to CVE-2025-55182 (react2shell).

This repository contains a Go-based scanner and PoC for CVE-2025-55182, targeting RCE in Next.js applications using React Server Components. It supports bulk scanning, RCE confirmation via command execution, and concurrent checks.

This repository contains a detailed writeup for CVE-2025-55182, a critical unauthenticated RCE vulnerability in React Server Components. It describes the attack vector, affected versions, and mitigation steps but does not include functional exploit code.

This is a Python-based exploit for CVE-2025-55182, targeting a vulnerability in Next.js applications. It includes both safe checks and RCE payloads, with options for WAF bypass and custom command execution.

This PoC demonstrates a remote code execution (RCE) vulnerability in React Server Components (RSC) via vm.runInThisContext. The exploit sends a malicious ACTION payload to trigger arbitrary command execution on the target server.

The repository contains a basic Next.js/React setup but lacks any exploit code or technical details for CVE-2025-55182. It appears to be a placeholder or template project.

This repository contains a functional Go-based exploit for CVE-2025-55182, targeting React Server Components (RSC) in React 19.0.0-19.2.0 and Next.js applications. The exploit provides an interactive shell for remote code execution (RCE) on vulnerable targets.

The repository claims to provide an exploit for CVE-2025-55182 and CVE-2025-66478 but contains obfuscated code with no visible technical details about the vulnerabilities. The README focuses on features like 'integrity verification' and 'obfuscation' rather than explaining the actual exploit mechanics.

This PoC exploits CVE-2025-55182, a prototype pollution vulnerability in React applications leading to remote code execution (RCE). It crafts a malicious multipart form-data request to inject and execute arbitrary commands via Node.js's child_process module.

This repository contains a Python and Bash PoC for CVE-2025-55182, exploiting a prototype pollution vulnerability in React Server Components to achieve pre-authentication RCE via insecure deserialization.

This is a functional Python exploit for CVE-2025-55182, targeting a Next.js React Server Components RCE vulnerability via prototype pollution and command injection. It uses raw sockets with SSL/TLS support to send a crafted multipart/form-data payload.

This repository contains a scanner toolkit for detecting CVE-2025-55182 (React2Shell), a critical RCE vulnerability in React Server Components. It includes tools for endpoint scanning, subdomain enumeration, and vulnerability verification.

This repository provides a functional PoC for CVE-2025-55182, a pre-authentication RCE vulnerability in React Server Components and Next.js. It includes a Dockerized vulnerable environment and an HTTP payload to exploit unsafe deserialization in Server Function endpoints.