## https://sploitus.com/exploit?id=99686142-1F10-5676-A20D-6106219F9339
# CVE-2025-55182 React2Shell Detection Tool
Detection tools for finding vulnerable React Server Components in your infrastructure.
## Quick Start
```bash
# Install dependencies
pip3 install requests
# Version detection (passive, safe for production)
python3 checker.py -u https://your-app.com
```
## What's Vulnerable
**React Server Components:**
- react-server-dom-webpack 19.0.0 - 19.2.0
- react-server-dom-turbopack 19.0.0 - 19.2.0
**Next.js:**
- 15.0.0 - 15.0.4 (ships with vulnerable React)
- 14.x and 13.5+ (if React 19 manually installed)
**Fixed in:**
- React 19.2.1+
- Next.js 15.0.5+
## Tools
### checker.py
Passive version detection. Safe to run on production without triggering alerts.
```bash
# Single target
python3 checker.py -u https://app.example.com
# Multiple targets
python3 checker.py -l targets.txt -o results.json
# Verbose mode
python3 checker.py -u https://app.example.com -v
```
Checks for version strings in package.json, JavaScript bundles, HTTP headers, and API endpoints.
### Nuclei Template
If you use Nuclei:
```bash
# Version detection
nuclei -t CVE-2025-55182-react2shell.yaml -u https://app.example.com
nuclei -t CVE-2025-55182-react2shell.yaml -l targets.txt
```
## Remediation
Update to patched versions:
```bash
npm update react-server-dom-webpack@latest
npm update next@latest
```
Verify the fix:
```bash
npm list react-server-dom-webpack next
```
## Notes
The version detection tool is safe for production and won't trigger security alerts. Use it for initial discovery and continuous monitoring.
## References
- [React Security Advisory](https://github.com/facebook/react/security/advisories/GHSA-h4p6-xr9r-2xfq)
- [React Fix PR](https://github.com/facebook/react/pull/31843)
- CVE-2025-55182