A modern, user-friendly GUI application for detecting and exploiting the CVE-2025-55182 vulnerability in React Server Components. Built with Python and Tkinter, featuring a sleek neon-themed interface for scanning targets, executing shell commands, and viewing live console output.

Syrins/CVE-2025-55182-React2Shell-RCE
CVE-2025-55182 – React2Shell RCE GUI

A modern, neon-themed GUI tool for security testing of React2Shell (CVE-2025-55182) on React Server Components / Next.js applications.
Built with Python + CustomTkinter, it lets you:

  • Check if a specific endpoint is vulnerable to React2Shell
  • Run shell commands on confirmed vulnerable targets (for forensics & validation)
  • View live, timestamped console output in a clean UI

⚠️ This is a security research & blue-team tool, not a mass scanner.
Use it only on systems you own or are explicitly authorized to test.


⚠️ Legal & Ethical Disclaimer

This project is provided for educational, defensive, and research purposes only.

  • Do not use this tool against targets you do not own or without proper written authorization.
  • Unauthorized exploitation of systems is illegal in most jurisdictions.
  • The author(s) take no responsibility for any misuse, damage, or legal issues resulting from this tool.
  • By using this repository, you agree that you are solely responsible for your actions.

If you are unsure whether you are allowed to test a system, stop right now.


What is React2Shell (CVE-2025-55182)?

React2Shell (CVE-2025-55182) is a critical unauthenticated Remote Code Execution (RCE) vulnerability in React Server Components (RSC) and frameworks implementing the Flight protocol, most notably Next.js.

Key points:

  • CVSS score: 10.0 (Critical)
  • Affects server-side use of React 19 / RSC and frameworks like Next.js App Router
  • Exploitation requires only a crafted HTTP request to a server function endpoint
  • Allows an attacker to execute arbitrary JavaScript and OS-level commands on the server in default configurations

For detailed technical write-ups, see:

  • React2Shell advisory and original research
  • Blog posts from major security vendors (Wiz, AWS, Datadog, etc.)
  • Community PoCs and analyses

Features

  • 🖥 Modern GUI
    • Dark neon theme with side panel, status badges, and live console
    • Built with CustomTkinter (Python)
  • 🔍 Target Scanner
    • Enter a single target URL (RSC / Next.js server action endpoint)
    • One-click “SCAN TARGET” button
    • Clear status:
      • Vulnerable – appears exploitable via React2Shell
      • Appears safe – exploit pattern not observed
      • Error messages for timeouts / connectivity issues
  • 💣 Command Execution (for confirmed vulnerable systems)
    • Command input box with “RUN” button
    • Only enabled after a successful vulnerability check
    • Output returned and shown in a timestamped console
  • Quick Commands
    • One-click buttons for common forensics commands (e.g. whoami, hostname, id)
    • Helpful for quick validation and basic triage on test systems
  • 🧾 Verbose Logging
    • Timestamped log lines: [HH:MM:SS] [LEVEL] message
    • Scan start / finish, decisions, and command output all visible
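As an added illustration of the [HH:MM:SS] [LEVEL] message console format described above, the following Python snippet was written for this page and is not part of the Syrins project. It renders lines in that shape and parses them back so a reviewer can summarise a saved session (counts per level, final scan verdict). The level names INFO/WARN/ERROR/RESULT and the sample session lines are assumptions; the README only shows the line shape.

```python
# Added example, not code from the Syrins/CVE-2025-55182-React2Shell-RCE project.
# Implements the "[HH:MM:SS] [LEVEL] message" console convention from the README
# and a parser/summariser for lines saved from such a console.
import re
from datetime import datetime
from typing import Iterable, Optional

# Assumed level names; the README only specifies the line layout.
LEVELS = ("INFO", "WARN", "ERROR", "RESULT")

LINE_RE = re.compile(r"^\[(\d{2}):(\d{2}):(\d{2})\] \[([A-Z]+)\] (.*)$")


def format_line(level: str, message: str, when: Optional[datetime] = None) -> str:
    """Render one console line as [HH:MM:SS] [LEVEL] message."""
    if level not in LEVELS:
        raise ValueError(f"unknown level {level!r}")
    stamp = (when or datetime.now()).strftime("%H:%M:%S")
    # Flatten embedded newlines so every record stays a single parseable line.
    safe = message.replace("\n", " ")
    return f"[{stamp}] [{level}] {safe}"


def parse_line(line: str) -> Optional[dict]:
    """Parse one console line; returns None for lines not in the format."""
    m = LINE_RE.match(line)
    if not m:
        return None
    hh, mm, ss, level, message = m.groups()
    return {"time": f"{hh}:{mm}:{ss}", "level": level, "message": message}


def summarise(lines: Iterable[str]) -> dict:
    """Count records per level and pick out the last RESULT line as the verdict."""
    counts = {lvl: 0 for lvl in LEVELS}
    verdict = None
    for raw in lines:
        rec = parse_line(raw)
        if rec is None:
            continue  # skip malformed lines instead of aborting the review
        counts[rec["level"]] = counts.get(rec["level"], 0) + 1
        if rec["level"] == "RESULT":
            verdict = rec["message"]
    return {"counts": counts, "verdict": verdict}


# Constructed sample session (not real output from any target).
SAMPLE_LOG = [
    "[12:00:01] [INFO] Scan started: https://example.test/ (constructed URL)",
    "[12:00:03] [WARN] Request timed out, retrying",
    "[12:00:05] [RESULT] Appears safe - exploit pattern not observed",
    "this line is not in the expected format",
    "[12:00:05] [INFO] Scan finished",
]

if __name__ == "__main__":
    print(format_line("INFO", "Scan started"))
    print(summarise(SAMPLE_LOG))
```

The parser deliberately ignores lines that do not match the layout rather than raising, so a console dump with stray banner text or wrapped command output can still be summarised.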
