Threat Digest

Code snippet of React2Shell exploit payload executing on a compromised Next.js server

React2Shell: CVE-2025-55182 Lets Hackers RCE Unpatched React Servers in One HTTP Shot

A single HTTP request flips your React server into a hacker's playground. Google Threat Intel spots China-nexus groups dropping backdoors via CVE-2025-55182—React2Shell—just days after disclosure.

5 min read 1 month, 1 week ago

#nextjs-exploit

React2Shell: CVE-2025-55182 Lets Hackers RCE Unpatched React Servers in One HTTP Shot