Source: https://sploitus.com/exploit?id=EB32BF5D-48E5-5DE2-83F3-9C91BA2F4414
# React Native CLI Command Injection Demo (CVE-2025-11953)
## ⚠️ VULNERABILITY DEMONSTRATION ⚠️
**JFSA-2025-001495618** - Critical Command Injection in React Native CLI
- **CVE**: CVE-2025-11953
- **CVSS Score**: 9.8 (Critical)
- **Affected Package**: @react-native-community/cli-server-api
- **Vulnerable Versions**: [4.8.0, 20.0.0)
- **Discovery**: JFrog Security Research Team
## Vulnerability Summary
The Metro development server, which the React Native CLI starts with `react-native start`, binds to external interfaces by default in the affected versions, so it is reachable from the network rather than only from localhost. The server exposes an `/open-url` endpoint that takes a JSON POST body with a `url` field and hands that value, without validation, to the `open` npm package so the host's URL handler can launch it. Because the value is never restricted to an actual web URL, an unauthenticated attacker on the same network can POST an executable path or command line instead: on Windows the string reaches a shell, giving arbitrary command execution with attacker-chosen arguments; on macOS and Linux it launches any existing executable on the host, though without arguments.
### Impact
- **Remote Code Execution (RCE)**
- **Command Injection**
- **No Authentication Required**
- **Network Accessible**
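The following is an added example for this README, not code from `@react-native-community/cli`: a minimal model of the `/open-url` request-handler pattern described above, with the vulnerable flow beside a hardened one. It assumes the request body shape from the summary (a JSON object with a `url` field) and stands in a recording stub for the `open` npm package, so nothing is actually launched when it runs. The sample bodies are constructed, not captured traffic, and the hardening check is an illustration of the kind of validation needed, not the upstream fix commit.

```javascript
// Added example (not from @react-native-community/cli): models the /open-url
// handler behind CVE-2025-11953.  The launcher is a stub standing in for the
// `open` npm package; it records what would have been launched and runs nothing.
function makeRecordingLauncher() {
  const launched = [];
  return { launched, open(target) { launched.push(target); } };
}

// Vulnerable pattern: the `url` field of the JSON POST body goes to the
// launcher untouched.  With the real `open` package the string is not limited
// to web URLs: on Windows it reaches a shell (arbitrary commands with
// arbitrary arguments); on macOS/Linux it can launch any existing executable.
function handleOpenUrlVulnerable(body, launcher) {
  const url = body && body.url;
  if (typeof url !== 'string') return { status: 400 };
  launcher.open(url);
  return { status: 200 };
}

// Hardened pattern (illustrative check, not the upstream patch): accept only
// syntactically valid http(s) URLs and pass the normalized form on.  Shell
// metacharacters are rejected as defence in depth, because the launcher may
// still hand the string to a shell on Windows.  Note this also rejects query
// strings containing '&'; loosen that only if the launcher quotes its argument.
const SHELL_METACHARS = /[\s"'&|;<>`$\\^()]/;

function isSafeOpenUrl(value) {
  if (typeof value !== 'string' || value.length === 0 || value.length > 2048) return false;
  let parsed;
  try {
    parsed = new URL(value); // throws on bare names and paths such as 'calc.exe' or '/usr/bin/id'
  } catch {
    return false;
  }
  // Only web URLs may reach the launcher: no file:, javascript: or custom schemes.
  if (parsed.protocol !== 'http:' && parsed.protocol !== 'https:') return false;
  return !SHELL_METACHARS.test(parsed.href);
}

function handleOpenUrlHardened(body, launcher) {
  const url = body && body.url;
  if (!isSafeOpenUrl(url)) return { status: 400 };
  launcher.open(new URL(url).href);
  return { status: 200 };
}

// Constructed sample request bodies: one legitimate request from a debugging
// tool, then payload shapes an attacker on the network might POST to /open-url.
const SAMPLE_BODIES = [
  { url: 'http://localhost:8081/debugger-ui' },
  { url: 'calc.exe' },                         // bare Windows executable name
  { url: '/usr/bin/id' },                      // absolute path on macOS/Linux
  { url: 'file:///usr/bin/id' },               // file scheme pointing at an executable
  { url: 'javascript:alert(1)' },              // non-web scheme
  { url: 'http://localhost:8081/ & calc.exe' } // valid http URL smuggling a shell separator
];

// Runs every sample through both handlers and returns what each one launched.
function compareHandlers(bodies = SAMPLE_BODIES) {
  const vulnerable = makeRecordingLauncher();
  const hardened = makeRecordingLauncher();
  for (const body of bodies) {
    handleOpenUrlVulnerable(body, vulnerable);
    handleOpenUrlHardened(body, hardened);
  }
  return { vulnerable: vulnerable.launched, hardened: hardened.launched };
}

console.log(JSON.stringify(compareHandlers(), null, 2));
```

Running it shows the vulnerable handler forwarding all six sample values to the launcher while the hardened one forwards only the `debugger-ui` URL. Two controls reduce exposure independently of the handler logic: upgrade `@react-native-community/cli-server-api` to 20.0.0 or later (the first version outside the affected range listed above), and bind the dev server to loopback with the CLI's `--host` option (`react-native start --host 127.0.0.1`) so the endpoint is not reachable from the network at all.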
## Demo Structure
```
react-native-cli-command-injection-demo/
├── README.md                    # This file
├── vulnerable-setup/
│   ├── package.json             # Vulnerable version setup
│   ├── metro.config.js          # Metro configuration
│   └── start-vulnerable.js      # Script to start vulnerable server
├── exploit-examples/
│   ├── basic-exploit.sh         # Basic command injection example
│   ├── windows-exploit.sh       # Windows-specific exploit
│   ├── advanced-exploit.py      # Advanced exploitation script
│   └── payload-examples.json    # Various payload examples
├── secure-setup/
│   ├── package.json             # Fixed version setup
│   ├── metro.config.js          # Secure configuration
│   └── start-secure.js          # Secure server startup
└── mitigation/
    ├── SECURITY.md              # Security recommendations
    └── host-binding-examples.sh # Host binding examples
```
## Quick Start
### 1. Setup Vulnerable Environment
```bash
cd vulnerable-setup
npm install
npm run start:vulnerable
```
### 2. Run Exploit
```bash
cd exploit-examples
./basic-exploit.sh
```
### 3. Setup Secure Environment
```bash
cd secure-setup
npm install
npm run start:secure
```
## ⚠️ IMPORTANT SECURITY NOTICE
This demonstration is for educational purposes only. Do not use these examples in production environments or against systems you do not own. Always follow responsible disclosure practices.
## Links
- [JFrog Vulnerability Report](https://research.jfrog.com/vulnerabilities/react-native-cli-command-injection-jfsa-2025-001495618/)
- [JFrog Technical Blog](https://jfrog.com/blog/cve-2025-11953-critical-react-native-community-cli-vulnerability)
- [Fix Commit](https://github.com/react-native-community/cli/commit/15089907d1f1301b22c72d7f68846a2ef20df547)