## https://sploitus.com/exploit?id=4BF5726E-E9D2-5A2A-A7B7-E09F4A3EDD78
# Next.js RCE Patcher (CVE-2025-55182)
A simple, automated tool to patch the critical "React2Shell" vulnerability in Next.js applications.
## Quick Start
### ๐ช Windows
1. Double-click **`fix_windows.bat`**.
2. Follow the on-screen prompts.
### ๐ macOS
1. Double-click **`fix_mac.command`**.
2. Follow the on-screen prompts.
### ๐ง Linux
1. Open a terminal.
2. Run: `./fix_linux.sh`
---
## What does this do?
1. Scans your files for `package.json`.
2. Checks if your Next.js version is vulnerable.
3. Updates Next.js to the **nearest safe version** (e.g., 15.0.1 -> 15.0.5).
4. Creates a Git branch (if using Git) or a backup file (`package.json.bak`) before making changes.
## Modes
### โ Easy Mode (Default for Launchers)
Just double-click the launcher script (`fix_windows.bat`, etc.).
- **Fully Automated**: It scans, backups, patches, and logs without asking questions.
- **Safe**: It creates backups automatically.
### ๐ ๏ธ Advanced Mode (Interactive)
If you want full control (approve each patch, skip React updates, etc.), run the script from a terminal **without** the automation flag.
**Windows:**
```powershell
.\patch.ps1 # Asks you for confirmation at every step
```
**Mac/Linux:**
```bash
./patch.sh # Asks you for confirmation at every step
```
## Credits
Author:
License: MIT
---
**Disclaimer**: This tool is provided "as is" without warranty of any kind. While tested against common configurations, please always verify changes before deploying to production.