Share
## https://sploitus.com/exploit?id=2BC02B50-0FD9-52C2-BCFD-1AB8CAB401E9
CVE-2025-55182 Advanced Scanner

![Python](https://img.shields.io/badge/python-3.6+-blue.svg)
![License](https://img.shields.io/badge/license-MIT-green.svg)
![Security](https://img.shields.io/badge/security-tool-red.svg)

Advanced penetration testing tool for detecting and exploiting CVE-2025-55182 vulnerability in Next.js applications

๐Ÿ“‹ Table of Contents
Overview

Features

Installation

Usage

Examples

Bypass Techniques

Technical Details

Disclaimer

Contributing

License

๐Ÿ” Overview
CVE-2025-55182 is a critical Remote Code Execution (RCE) vulnerability affecting Next.js applications through React Server Components. This scanner provides an automated way to detect and exploit this vulnerability with various WAF bypass techniques.

CVSS Score: 9.8 (Critical)

โœจ Features
Multiple Payload Variants: Different exploitation patterns

WAF Bypass Techniques: 8 different bypass methods

Custom Command Execution: Execute arbitrary system commands

Vulnerability Testing: Test-only mode for safe detection

Proxy Support: Route traffic through proxy for debugging

SSL Bypass: Option to skip SSL certificate verification

Retry Mechanism: Automatic retry on failure

Colorful Output: Easy-to-read console interface

๐Ÿš€ Installation
Prerequisites
Python 3.6 or higher

pip package manager

# Install dependencies
pip install -r requirements.txt

# Make the script executable (Linux/Mac)
chmod +x scanner.py
Docker Installation
bash
# Build Docker image
docker build -t cve-2025-55182-scanner .

# Run with Docker
docker run --rm cve-2025-55182-scanner -h
๐Ÿ“– Usage
Basic Usage
bash
# Show help
python scanner.py -h

# Test a target
python scanner.py -d http://target.com --test-only

# Execute command
python scanner.py -d http://target.com -c "whoami"
Command-line Options
Option	Description	Default
-d, --domain	Target URL	http://localhost:3000
-c, --command	Command to execute	id
-t, --technique	Bypass technique (1-8)	1
-p, --proxy	Proxy server	None
-k, --insecure	Skip SSL verification	False
--test-only	Only test for vulnerability	False
-h, --help	Show help message	N/A
๐Ÿ“š Examples
Basic Exploitation
bash
# Test if target is vulnerable
python scanner.py -d http://vulnapp.com --test-only

# Execute simple command
python scanner.py -d http://vulnapp.com -c "id"

# List directory contents
python scanner.py -d https://target.com -c "ls -la" -k

# Read system file
python scanner.py -d http://localhost:3000 -c "cat /etc/passwd"
WAF Bypass Examples
bash
# Use Base64 encoding bypass
python scanner.py -d http://target.com -c "uname -a" -t 2

# Use Unicode encoding
python scanner.py -d https://target.com -c "whoami" -t 3 -k

# Use mixed techniques with proxy
python scanner.py -d http://target.com -c "pwd" -t 4 -p http://127.0.0.1:8080

# Try all techniques automatically
for i in {1..8}; do
    echo "Trying technique $i"
    python scanner.py -d http://target.com -c "hostname" -t $i
    echo ""
done
Advanced Usage
bash
# Test multiple targets from file
for target in $(cat targets.txt); do
    echo "Testing $target"
    python scanner.py -d $target --test-only
done

# Save output to file
python scanner.py -d http://target.com -c "ifconfig" > output.txt

# Use with Burp Suite proxy
python scanner.py -d https://target.com -c "env" -p http://127.0.0.1:8080 -k
๐Ÿ›ก๏ธ Bypass Techniques
The scanner includes 8 different WAF bypass techniques:

Default Payload: Original exploitation pattern

Base64 Encoding: Encode commands in Base64

Unicode Encoding: Use Unicode character encoding

Case Manipulation: Random case variations

Double Encoding: Double URL encoding

Null Bytes: Null byte injection

Mixed Headers: Varied HTTP headers

Random Delays: Add random sleep intervals

Each technique can be selected with the -t flag.

๐Ÿ”ง Technical Details
Vulnerability Background
CVE-2025-55182 is a prototype pollution vulnerability in Next.js that leads to Remote Code Execution through React Server Components. The vulnerability allows attackers to execute arbitrary commands on the server.

Payload Structure
The tool uses a specially crafted multipart/form-data request with prototype pollution to achieve RCE:

Prototype Pollution: Pollutes the Promise prototype chain

Command Injection: Injects Node.js child_process execution

Result Extraction: Extracts results through redirect headers

Detection Method
The scanner sends specially crafted requests and looks for:

X-Action-Redirect headers containing command output

Specific response patterns indicating successful exploitation

Error messages that suggest vulnerability presence

โš ๏ธ Disclaimer
IMPORTANT: LEGAL AND ETHICAL USE ONLY

This tool is provided for:

Security research and education

Authorized penetration testing

Vulnerability assessment with proper permission

Defensive security purposes

DO NOT USE THIS TOOL FOR:

Unauthorized testing of systems

Illegal activities

Malicious purposes

Violating terms of service

By using this tool, you agree to:

Use it only on systems you own or have explicit permission to test

Comply with all applicable laws and regulations

Accept full responsibility for your actions

Not hold the author liable for any misuse

๐Ÿค Contributing
Contributions are welcome! Here's how you can help:

Reporting Issues
Check if the issue already exists

Provide detailed reproduction steps

Include error messages and logs

Specify your environment details

Code Contributions
Fork the repository

Create a feature branch

Write clear commit messages

Add tests if applicable

Submit a pull request

Feature Requests
Suggest new features through GitHub issues with the "enhancement" label.

๐Ÿ“„ License
This project is licensed under the MIT License - see the LICENSE file for details.

MIT License

Copyright (c) 2025

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
๐Ÿ”— References
CVE-2025-55182 Official Entry

ProjectDiscovery Nuclei Template

Next.js Security Advisories

React Server Components Documentation

โญ Star History
If you find this tool useful, please consider giving it a star on GitHub!

Remember: With great power comes great responsibility. Use this tool ethically and legally.