Share
## https://sploitus.com/exploit?id=ABA8E86E-AFC1-52A3-8FDE-FE98DBD9331F
# R2S - React2Shell Scanner
A web-based vulnerability scanner for **CVE-2025-55182**, a critical Remote Code Execution (RCE) vulnerability in React Server Components.
**Live Scanner:** [https://r2s.mxm0z.com](https://r2s.mxm0z.com)
## About CVE-2025-55182
CVE-2025-55182 is a critical (CVSS 10.0) vulnerability in the React Server Components Flight protocol that allows unauthenticated attackers to execute arbitrary code on vulnerable Next.js servers via crafted HTTP requests.
### Affected Versions
| Package | Vulnerable | Patched |
|---------|-----------|---------|
| React | 19.0.0 | 19.0.1 |
| React | 19.1.0 - 19.1.1 | 19.1.2 |
| React | 19.2.0 | 19.2.1 |
| Next.js | 15.0.0 - 15.0.4 | 15.0.5 |
| Next.js | 15.1.0 - 15.1.8 | 15.1.9 |
| Next.js | 15.2.0 - 15.2.5 | 15.2.6 |
| Next.js | 15.3.0 - 15.3.5 | 15.3.6 |
| Next.js | 15.4.0 - 15.4.7 | 15.4.8 |
| Next.js | 15.5.0 - 15.5.6 | 15.5.7 |
| Next.js | 16.0.0 - 16.0.6 | 16.0.7 |
## How It Works
This scanner sends a **safe detection payload** to the target URL. The payload uses `"_prefix":"1"` which simply evaluates to the number 1 - it does not execute any code on the target server.
### Detection Logic
| Response | Interpretation |
|----------|----------------|
| HTTP 500 + RSC error pattern | **VULNERABLE** (high confidence) |
| HTTP 500 | **LIKELY VULNERABLE** (medium confidence) |
| Request timeout (>6s) | **POTENTIALLY VULNERABLE** (medium confidence) |
| HTTP 200/404/other | **NOT VULNERABLE** |
## Deploy Your Own
### Prerequisites
- [Cloudflare account](https://dash.cloudflare.com/sign-up) (free tier works)
- [Node.js](https://nodejs.org/) 18+
- [Wrangler CLI](https://developers.cloudflare.com/workers/wrangler/install-and-update/)
### Setup
```bash
# Clone the repository
git clone https://github.com/mxm0z/r2s.git
cd r2s
# Install dependencies
npm install
# Run locally
npm run dev
# Deploy to Cloudflare Pages
npm run deploy
```
### Custom Domain (Optional)
1. Add your domain to Cloudflare
2. Go to Cloudflare Pages > your project > Custom domains
3. Add your subdomain (e.g., `scanner.yourdomain.com`)
## Project Structure
```
r2s/
โโโ public/
โ โโโ index.html # Main page
โ โโโ style.css # Styling
โ โโโ app.js # Frontend logic
โ โโโ _worker.js # Cloudflare Worker (scanner API)
โโโ wrangler.toml # Cloudflare configuration
โโโ package.json
```
## API
### POST /api/scan
Scan a target URL for CVE-2025-55182.
**Request:**
```json
{
"targetUrl": "https://example.com"
}
```
**Response:**
```json
{
"target": "https://example.com",
"timestamp": "2025-01-15T12:00:00.000Z",
"status": "not_vulnerable",
"message": "NOT VULNERABLE",
"httpStatus": "404 Not Found",
"responsePreview": "...",
"confidence": "high"
}
```
## Disclaimer
This tool is provided for **authorized security testing only**. Only scan applications you have explicit permission to test. The authors are not responsible for misuse of this tool.
## Credits
- **Original Research:** [Lachlan Davidson](https://react2shell.com/)
- **React Advisory:** [GHSA-fv66-9v8q-g76r](https://github.com/facebook/react/security/advisories/GHSA-fv66-9v8q-g76r)
- **Next.js Advisory:** [GHSA-9qr9-h5gf-34mp](https://github.com/vercel/next.js/security/advisories/GHSA-9qr9-h5gf-34mp)
## License
MIT