A proof-of-concept tool for demonstrating the critical React2Shell vulnerability (CVE-2025-55182 / CVE-2025-66478) on authorized, local testing environments only.
This vulnerability (CVSS 10.0) is being actively exploited by sophisticated threat actors. Amazon Threat Intelligence reports that multiple China-nexus state-sponsored groups, including Earth Lamia and Jackpot Panda, began weaponizing public exploits within hours of disclosure. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added it to its Known Exploited Vulnerabilities (KEV) catalog.
- LEGAL USE ONLY: Use exclusively against systems you own or have explicit written authorization to test.
- IMMEDIATE PATCHING REQUIRED: If vulnerable, you must update immediately. Patching is the only definitive mitigation.
- NO WARRANTY: This tool is for educational and authorized security assessment purposes only.
CVE-2025-55182 (React2Shell) is a critical, pre-authentication Remote Code Execution (RCE) vulnerability in the React Server Components (RSC) "Flight" protocol. A separate identifier, CVE-2025-66478, was assigned for Next.js but has since been rejected as a duplicate of CVE-2025-55182, as both share the same root cause.
- Root Cause: Insecure deserialization in React's server-side package. The Flight protocol's decoding logic fails to properly validate attacker-controlled payloads, allowing prototype pollution and influence over server-side execution paths.
- Attack Vector: Unauthenticated. Attackers can trigger the exploit by sending a single, specially crafted HTTP POST request to a server endpoint.
- Reliability: Testing has shown exploitation has near-100% reliability against vulnerable, default configurations.
- Scope: An application is vulnerable if it supports React Server Components (RSC), even if it does not explicitly implement Server Functions.
chmod +x pwn-nextjs.sh
./pwn-nextjs.sh [TARGET_URL] [COMMAND]# Target specific URL
./pwn-nextjs.sh https://vulnerable-app.example.com "whoami"
rootThe vulnerability originates in specific React packages, affecting any framework that bundles them.
| Component | Affected Versions | Patched Versions | Notes |
|---|---|---|---|
| React Packages ( react-server-dom-webpack, -parcel, -turbopack) |
19.0.0, 19.1.0, 19.1.1, 19.2.0 | 19.0.1, 19.1.2, 19.2.1 | Source of the upstream flaw. |
| Next.js (App Router) | 15.x, 16.x, 14.3.0-canary.77 and later |
15.0.5, 15.1.9, 15.2.6, 15.3.6, 15.4.8, 15.5.7, 16.0.7 | Primary affected framework. |
| Other Frameworks | React Router, Waku, RedwoodJS, Parcel (@parcel/rsc), Vite RSC Plugin |
Update to versions using patched React packages (>19.0.1, 19.1.2, 19.2.1). | Vulnerable if using the affected React packages. |
Not Affected: Next.js 13.x, Next.js 14.x stable releases, Pages Router applications, and the Edge Runtime are not affected.
The RSC Flight protocol serializes data for client-server communication. The vulnerability lies in the deserialization logic on the server, which unsafely expands object properties from the incoming payload without adequate validation. This allows an attacker to inject malicious keys (like __proto__ or constructor) into the request, leading to prototype pollution.
Once the prototype chain is polluted, the server follows attacker-influenced execution paths. This can be chained to execute arbitrary JavaScript code with server privileges, leading to full Remote Code Execution (RCE).
Security researchers have observed successful exploits leading to:
- Credential Harvesting: Attempts to identify and exfiltrate cloud credentials (e.g., from
.aws/credentials). - Cryptocurrency Mining: Deployment of miners like XMRig.
- Malware Deployment: Installation of frameworks like the Sliver C2 framework.
Patching is mandatory and the only way to fully eliminate the vulnerability. There is no configuration setting to disable the vulnerable code path.
# For Next.js users, upgrade to the latest patched version in your release line.
# Example: If you are on Next.js 15.5.x:
npm install [email protected]
# Also ensure React dependencies are updated:
npm install react@latest react-dom@latestVerify that your package-lock.json or yarn.lock files reflect the patched react-server-dom-* package versions (19.0.1, 19.1.2, or 19.2.1).
While patching, deploy Web Application Firewall (WAF) rules to block exploit attempts:
- AWS WAF: The managed rule group
AWSManagedRulesKnownBadInputsRuleSet(v1.24+) includes rules for this CVE. - Google Cloud Armor: A preconfigured
cve-canaryrule is available. - Palo Alto Networks: Signatures are available for products like Snort.
Note: WAF rules are a temporary, incomplete mitigation. They do not replace the need to patch.
Review logs for these signs of exploitation attempts:
- Network: POST requests with
next-actionorrsc-action-idheaders. Request bodies containing patterns like$@or"status":"resolved_model". - Host: Unexpected execution of commands (
whoami,id,uname), reads of/etc/passwd, or file writes to/tmp/(e.g.,pwned.txt) by Node.js processes.
This tool demonstrates a vulnerability with a CVSS score of 10.0 (Maximum Severity) that is under active, state-sponsored exploitation.
- Authorization is Required: Testing must be confined to environments you own and control (e.g., localhost, isolated labs). Unauthorized testing is illegal.
- Responsible Disclosure: If you discover a vulnerable third-party system, do not exploit it. Document your findings and disclose them responsibly to the system owner.
- Purpose: This tool is intended for education, authorized penetration testing, and helping security professionals understand the threat to prioritize patching.
- Official Next.js Advisory (CVE-2025-66478)
- NVD Entry for CVE-2025-55182
- Discovery: Lachlan Davidson, who discovered and responsibly disclosed the vulnerability.
- Threat Intelligence: AWS, Wiz, and other teams tracking in-the-wild exploitation.
Remember: This tool demonstrates why patching is urgent. Use this knowledge to improve security and defend systems, not to compromise them. Ensure all your dependencies are updated to the patched versions listed above.