Share
## https://sploitus.com/exploit?id=95E47FAA-39F8-505A-9B9E-C2EBB5E728A2
# Vulnerable React Application (CVE-2025-55182)

This application is a Proof of Concept (PoC) for **CVE-2025-55182**, a critical Remote Code Execution (RCE) vulnerability in React Server Components.

## Vulnerability Details

- **CVE ID**: CVE-2025-55182
- **Severity**: Critical (CVSS 10.0)
- **Affected Components**: React Server Components (RSC)
- **Affected Versions**: React 19.0.0, 19.1.0, 19.1.1, 19.2.0 (and corresponding Next.js versions like 15.x)

## Application Setup

This application is configured with:

- **React**: `19.0.0` (Vulnerable)
- **Next.js**: `15.0.0` (Vulnerable)

## How to Run

1. Install dependencies (if not already done):
   ```bash
   npm install --legacy-peer-deps
   ```
2. Run the development server:
   ```bash
   npm run dev
   ```
3. Open [http://localhost:3000](http://localhost:3000)

## Disclaimer

**DO NOT DEPLOY THIS APPLICATION TO PRODUCTION.** It contains a known critical vulnerability that allows remote attackers to execute arbitrary code on the server. This is for educational and testing purposes only.