## https://sploitus.com/exploit?id=95E47FAA-39F8-505A-9B9E-C2EBB5E728A2
# Vulnerable React Application (CVE-2025-55182)
This application is a Proof of Concept (PoC) for **CVE-2025-55182**, a critical Remote Code Execution (RCE) vulnerability in React Server Components.
## Vulnerability Details
- **CVE ID**: CVE-2025-55182
- **Severity**: Critical (CVSS 10.0)
- **Affected Components**: React Server Components (RSC)
- **Affected Versions**: React 19.0.0, 19.1.0, 19.1.1, 19.2.0 (and corresponding Next.js versions like 15.x)
## Application Setup
This application is configured with:
- **React**: `19.0.0` (Vulnerable)
- **Next.js**: `15.0.0` (Vulnerable)
## How to Run
1. Install dependencies (if not already done):
```bash
npm install --legacy-peer-deps
```
2. Run the development server:
```bash
npm run dev
```
3. Open [http://localhost:3000](http://localhost:3000)
## Disclaimer
**DO NOT DEPLOY THIS APPLICATION TO PRODUCTION.** It contains a known critical vulnerability that allows remote attackers to execute arbitrary code on the server. This is for educational and testing purposes only.