## https://sploitus.com/exploit?id=AB94135A-3F9D-55A3-BEC2-6F3315163534
# React2Shell — Vulnerable Lab (CVE-2025-55182)
React2Shell is an intentionally vulnerable React.js application provided for educational and research related to CVE-2025-55182. It contains deliberately insecure code and must not be used in production.
The project is packaged and run using Docker, making it easy to spin up a lab environment for learning, research, and security testing.
---
## ⚠️ Important — Responsible Use
- Run this lab only in isolated environments you control (local VM, disposable container).
- Do NOT test or exploit systems you do not own or lack explicit written permission to assess.
- The author is not liable for misuse or damage. Use responsibly.
---
## 🐳 Build & Run (Docker)
Clone the Repository:
```bash
https://github.com/subzer0x0/React2Shell.git
cd React2Shell
```
Build the Docker image:
```bash
docker build -t react2shell:latest .
```
Run the container (binds port 3000):
```bash
docker run --rm -p 3000:3000 react2shell:latest
```
Access the application:
http://localhost:3000
---
## 📦 Pull Prebuilt Image (Docker Hub)
Pull the published image:
```bash
docker pull arulkumarv/react2shell:v1
```
Run the pulled image:
```bash
docker run --rm -p 3000:3000 arulkumarv/react2shell:v1
```
---
## 🔬 Exploit Proof‑of‑Concept (PoC)
A public PoC related to CVE-2025-55182 is available at:
https://github.com/msanft/CVE-2025-55182
```bash
git clone https://github.com/msanft/CVE-2025-55182
cd CVE-2025-55182
python poc.py
```
---
## Reference
- PoC repo: https://github.com/msanft/CVE-2025-55182
- React2Shell: https://react2shell.com/