Share
## https://sploitus.com/exploit?id=AB94135A-3F9D-55A3-BEC2-6F3315163534
# React2Shell — Vulnerable Lab (CVE-2025-55182)

React2Shell is an intentionally vulnerable React.js application provided for educational and research related to CVE-2025-55182. It contains deliberately insecure code and must not be used in production.

The project is packaged and run using Docker, making it easy to spin up a lab environment for learning, research, and security testing.

---

## ⚠️ Important — Responsible Use

- Run this lab only in isolated environments you control (local VM, disposable container).  
- Do NOT test or exploit systems you do not own or lack explicit written permission to assess.  
- The author is not liable for misuse or damage. Use responsibly.

---

## 🐳 Build & Run (Docker)

Clone the Repository:
```bash
https://github.com/subzer0x0/React2Shell.git
cd React2Shell
```

Build the Docker image:
```bash
docker build -t react2shell:latest .
```

Run the container (binds port 3000):
```bash
docker run --rm -p 3000:3000 react2shell:latest
```

Access the application:
http://localhost:3000

---

## 📦 Pull Prebuilt Image (Docker Hub)

Pull the published image:
```bash
docker pull arulkumarv/react2shell:v1
```

Run the pulled image:
```bash
docker run --rm -p 3000:3000 arulkumarv/react2shell:v1
```

---

## 🔬 Exploit Proof‑of‑Concept (PoC)

A public PoC related to CVE-2025-55182 is available at:
https://github.com/msanft/CVE-2025-55182


```bash
git clone https://github.com/msanft/CVE-2025-55182
cd CVE-2025-55182
python poc.py
```


---

## Reference

- PoC repo: https://github.com/msanft/CVE-2025-55182
- React2Shell: https://react2shell.com/