CVE-2025-55182
React2Shell: Critical RCE Vulnerability in React and Next.js

A critical vulnerability has been identified in the React Server Components (RSC) "Flight" protocol, affecting the React 19 ecosystem and frameworks that implement it, most notably Next.js. Assigned CVE-2025-55182, this flaw allows for unauthenticated remote code execution (RCE) on the server. The vulnerability is exploitable in the default configuration of affected applications, meaning standard deployments are immediately at risk.

Given the critical severity and ease of exploitation, internet-facing applications built on these frameworks should be patched immediately. As of 2025-12-05, Wiz and other security vendors are observing active in-the-wild exploitation of this vulnerability.

Notes

Wiz currently detects CVE-2025-66478 on Next.js instances and CVE-2025-55182 on React and other vulnerable products. We are aware that CVE-2025-66478 has been rejected as a duplicate of CVE-2025-55182 and are in the process of remapping these findings to the surviving CVE. In the meantime, please treat findings for CVE-2025-66478 as valid. It is expected behavior that Next.js instances will not yet appear under CVE-2025-55182.

Changelog

  • 2025-12-03 (UTC) - Initial publication and vulnerability detections. Note that findings were generated based on prior scan data in order to support rapid response by our customers to these vulnerabilities.

  • 2025-12-03 (UTC) - We are aware of an issue with our detection for CVE-2025-55182, which alerts on the react package rather than the affected react-server-dom* packages.

  • 2025-12-03 (UTC) - We have implemented a fix for the issue above, and it was deployed in scans starting December 3rd, 11PM UTC.

  • 2025-12-04 (UTC) - We are aware that CVE-2025-66478 has been rejected as a duplicate of CVE-2025-55182. This makes sense, as they both have the same root cause. However, this does not mean that findings for CVE-2025-66478 are false positives; the rejection simply means that CVE-2025-55182 covers both cases, and residual findings for CVE-2025-66478 therefore remain relevant until they're replaced by findings for CVE-2025-55182 in future scans.

  • 2025-12-04 (UTC) - Added Controls that correlate between agentless vulnerability detection and ASM-based technology detections on application endpoints.

  • 2025-12-05 (UTC) - Added exploitability validation via the ASM scanner, valid for scans starting 3AM UTC. Note that some older findings are assigned high severity whereas newer ones are all assigned critical severity - this reflects the confidence level of the finding (lower severity indicates a slightly higher chance of false positives).

  • 2025-12-05 (UTC) - Noted evidence of exploitation in the wild.

  • 2025-12-05 (UTC) - Added detection guidance section and IOCs; clarified affected version ranges; noted that WAF rules are reportedly being bypassed.

  • 2025-12-05 (UTC) - Added information about initial in-the-wild exploitation.

  • 2025-12-06 (UTC) - Reclassified ASM rule from exploitability validation to misconfiguration in order to expand coverage for additional customers.

  • 2025-12-07 (UTC) - Updated "Detection" section, additional Threat Detection Rules were added. Also added IPs to IOCs section.

  • 2025-12-10 (UTC) - Updated Threats query and detection queries with additional Sensor rules.

  • 2025-12-16 (UTC) - Clarified that the React2Shell ASM rule is only available to customers with a Cloud Advanced license.

Technical Details

The vulnerability resides in the react-server implementation and its handling of the RSC "Flight" protocol, the wire format that carries serialized React trees and Server Action arguments between client and server. It is a logical deserialization flaw: when the server receives a specially crafted, malformed Flight payload, it fails to validate the payload's structure before acting on it, so attacker-controlled data can steer server-side execution logic and ultimately run arbitrary JavaScript with the privileges of the server process. No authentication is required, because the Flight endpoints are reachable by any client that can send a request to the application.

Exploitation in the wild

Wiz is tracking rapidly expanding exploitation of CVE-2025-55182 since the full proof-of-concept exploit became public. Our sensors have identified multiple victims compromised starting December 5 at 6:00 AM UTC, primarily internet-facing Next.js applications and workloads running in Kubernetes containers. We are continuing to hunt for post-exploitation activity and expect this exploit to be employed by both targeted and opportunistic campaigns. Our visibility confirms the public reporting from GreyNoise and others of significant adoption of this vulnerability.

  • Wiz identified a customer compromised by this exploit where the actor attempted to identify AWS credentials and base64 encode them, likely in preparation for exfiltration.

  • At a separate Wiz customer, exploitation was followed by a shell script that attempted to install the Sliver command-and-control framework.

  • Wiz has identified multiple cryptomining campaigns that have each affected multiple customers. At this time, we are aware of at least six incidents and expect that to grow.

    • One campaign dropped a UPX-packed build of the XMRig cryptominer. The earliest instance we have discovered occurred at 6:00 AM UTC on December 5th.

    • A second cryptominer campaign downloaded the standard XMRig release from GitHub and configured it with the actor's own mining pool.

  • Public reporting by GreyNoise has identified 95 IP addresses performing what they assess to be "opportunistic, largely automated exploitation attempts" beginning at 04:00 UTC on December 5th.

  • AWS reported that it identified multiple China-nexus groups experimenting with early public attempts at exploit code on December 4th, prior to the full PoC being released. Given this interest and past Chinese tactics, we expect a wide range of China-nexus actors to use this exploit in targeted intrusions.

Affected Products

Vulnerable product | Patched release
react-server-dom* 19.0.x, 19.1.x, 19.2.x | 19.0.1, 19.1.2, 19.2.1
Next.js with App Router (14.3.0-canary.77 and later canaries before canary.88, 15.x, 16.x) | 14.3.0-canary.88, 15.0.5, 15.1.9, 15.2.6, 15.3.6, 15.4.8, 15.5.7, 16.0.7

Additionally, any framework or library bundling the react-server implementation is likely affected. This includes, but is not limited to:

  • Vite RSC plugin

  • Parcel RSC plugin

  • React Router RSC preview

  • RedwoodSDK

  • Waku

Google has stated that the public OS images provided by Google Cloud for Compute Engine are not affected by default. Google Cloud, AWS and Cloudflare have also published WAF rules for this exploit pattern, but there are reports of these rules being bypassed, so a WAF rule is not a substitute for patching.

Remediation

  1. Upgrade React and Next.js dependencies to the patched versions listed below. Upgrading is the only definitive mitigation; WAF rules and other compensating controls only reduce exposure.

    • React: Update to version 19.0.1, 19.1.2, or 19.2.1 (or latest available stable).

    • Next.js: Update to versions 14.3.0-canary.88, 15.0.5, 15.1.9, 15.2.6, 15.3.6, 15.4.8, 15.5.7, or 16.0.7 depending on your current major version branch.

  2. If you use other RSC-enabled frameworks or bundler plugins (Redwood, Waku, the Vite and Parcel RSC plugins, the React Router RSC preview), check their official channels for releases that bundle a patched react-server implementation and update immediately.
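The following is an added example, not Wiz's code or the React/Next.js projects' own tooling: it checks resolved dependency versions against the patched releases in the Affected Products table above, including nested copies of the react-server-dom* packages that a top-level `npm ls` can hide. The lock-file excerpt is constructed for the example; in practice you would read the real package-lock.json (its "packages" map has the same shape). The package names react-server-dom-webpack, react-server-dom-turbopack and react-server-dom-parcel are the published members of the react-server-dom* family the table refers to, and the lower bound of the affected canary range (canary.77) is taken from the table; both are assumptions on my part, as is the decision to report minor lines the table does not cover (Next.js 14.2.x, or minors released after the advisory) as "not-listed" rather than guessing.

```javascript
// Added example, not Wiz's or the React/Next.js projects' own code: checks
// resolved dependency versions against the patched releases in this advisory.
// The lock-file contents below are constructed; in practice read the real
// package-lock.json (its "packages" map has the same shape).

// Patched releases from the Affected Products table, keyed by "major.minor" line.
const PATCHED = {
  rsc: { '19.0': '19.0.1', '19.1': '19.1.2', '19.2': '19.2.1' },
  next: {
    '15.0': '15.0.5', '15.1': '15.1.9', '15.2': '15.2.6', '15.3': '15.3.6',
    '15.4': '15.4.8', '15.5': '15.5.7', '16.0': '16.0.7',
  },
};
// Assumption: the affected Next.js canary range starts at 14.3.0-canary.77
// (the start the advisory lists) and ends before the patched canary.88.
const NEXT_CANARY = { first: 77, fixed: 88 };

// Assumption: these are the published members of the react-server-dom* family.
const RSC_PACKAGES = new Set([
  'react-server-dom-webpack', 'react-server-dom-turbopack', 'react-server-dom-parcel',
]);

function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)(?:-canary\.(\d+))?$/.exec(v);
  if (!m) return null;
  return { major: +m[1], minor: +m[2], patch: +m[3], canary: m[4] === undefined ? null : +m[4] };
}

// Compare major.minor.patch only; canaries are handled separately.
function cmpBase(a, b) {
  for (const k of ['major', 'minor', 'patch']) {
    if (a[k] !== b[k]) return a[k] < b[k] ? -1 : 1;
  }
  return 0;
}

// Returns 'vulnerable', 'fixed', 'not-listed' (minor line absent from the
// advisory's table), 'unknown' (unparseable, or a canary the table does not
// cover) or 'not-applicable' (out of scope; note that `react` itself is not
// the affected package, per the changelog above).
function isVulnerable(name, version) {
  let table;
  if (RSC_PACKAGES.has(name)) table = PATCHED.rsc;
  else if (name === 'next') table = PATCHED.next;
  else return 'not-applicable';
  const v = parseVersion(version);
  if (!v) return 'unknown';
  if (v.canary !== null) {
    if (name === 'next' && v.major === 14 && v.minor === 3 && v.patch === 0) {
      if (v.canary < NEXT_CANARY.first) return 'not-listed';
      return v.canary < NEXT_CANARY.fixed ? 'vulnerable' : 'fixed';
    }
    return 'unknown';
  }
  const fixed = table[`${v.major}.${v.minor}`];
  if (!fixed) return 'not-listed';
  return cmpBase(v, parseVersion(fixed)) < 0 ? 'vulnerable' : 'fixed';
}

// Walk a package-lock "packages" map. Keys look like "node_modules/next" or
// "node_modules/foo/node_modules/react-server-dom-webpack" (npm's layout for
// nested copies), so the package name is whatever follows the last
// "node_modules/" segment; "" is the root project and is skipped.
function scanLock(lock) {
  const findings = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const i = path.lastIndexOf('node_modules/');
    if (i < 0) continue;
    const name = path.slice(i + 'node_modules/'.length);
    const status = isVulnerable(name, meta.version || '');
    if (status !== 'not-applicable') findings.push({ path, name, version: meta.version, status });
  }
  return findings;
}

// Constructed lock-file excerpt: a vulnerable Next.js, a patched RSC package,
// a nested vulnerable RSC copy, and `react` itself (out of scope).
const SAMPLE_LOCK = {
  packages: {
    '': { name: 'example-app', version: '1.0.0' },
    'node_modules/next': { version: '15.5.6' },
    'node_modules/react': { version: '19.2.0' },
    'node_modules/react-server-dom-webpack': { version: '19.2.1' },
    'node_modules/some-lib/node_modules/react-server-dom-turbopack': { version: '19.1.1' },
  },
};

console.log(JSON.stringify(scanLock(SAMPLE_LOCK), null, 2));
```

Run it against a real lock file by replacing SAMPLE_LOCK with the parsed package-lock.json; a "vulnerable" result on any nested path means the upgrade of the top-level dependency alone did not remove the affected code.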

Indicators of Compromise (IOCs)

Amazon Threat Intelligence has reported the following indicators of exploitation activity (note that not all of them are specific to exploitation of this particular vulnerability):

  • Network indicators:

    • HTTP POST requests to application endpoints with next-action or rsc-action-id headers (these headers are also present on legitimate Server Action calls, so treat them as context rather than as an alert on their own)

    • Request bodies containing $@ patterns

    • Request bodies containing "status":"resolved_model" patterns

  • Host-based indicators:

    • Unexpected execution of reconnaissance commands (whoami, id, uname)

    • Attempts to read /etc/passwd

    • Suspicious file writes to /tmp/ directory (for example, pwned.txt)

    • New child processes spawned by the Node.js application process

  • Threat actor infrastructure (IP addresses):

    • 206.237.3[.]150

    • 45.77.33[.]136

    • 143.198.92[.]82

    • 183.6.80[.]214

    • 193.182.144[.]250

    • 38.60.203[.]31

    • 46.17.103[.]97

    • 23.235.188[.]3
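As an added example (not code from Wiz or from Amazon Threat Intelligence), the network and infrastructure indicators above applied to HTTP access-log records, scoring a request higher when a body pattern or a listed IP is present than when only the action header is. The log lines are constructed for the example, and the JSON-lines shape (one object per request with ts, src_ip, method, path, headers and body fields) is an assumption: map your proxy or WAF log fields onto it. The IPs are kept in the defanged form used above and refanged only for matching.

```javascript
// Added example, not Wiz's or AWS's code: applies the network IOCs listed in
// this advisory to HTTP access-log records. Sample records are constructed;
// the JSON-lines field names are an assumption about your log pipeline.

// Defanged exactly as published; refang() restores the dotted form for matching.
const IOC_IPS_DEFANGED = [
  '206.237.3[.]150', '45.77.33[.]136', '143.198.92[.]82', '183.6.80[.]214',
  '193.182.144[.]250', '38.60.203[.]31', '46.17.103[.]97', '23.235.188[.]3',
];
function refang(ip) { return ip.replace(/\[\.\]/g, '.'); }
const IOC_IPS = new Set(IOC_IPS_DEFANGED.map(refang));

// Header names are matched case-insensitively (proxies differ in casing).
const RSC_ACTION_HEADERS = ['next-action', 'rsc-action-id'];
const BODY_PATTERNS = { body_dollar_at: '$@', body_resolved_model: '"status":"resolved_model"' };

function hasHeader(headers, name) {
  return Object.keys(headers || {}).some((h) => h.toLowerCase() === name);
}

// Returns the indicator tags that fire for one request record.
function classify(rec) {
  const tags = [];
  const isPost = (rec.method || '').toUpperCase() === 'POST';
  if (isPost && RSC_ACTION_HEADERS.some((h) => hasHeader(rec.headers, h))) tags.push('rsc_action_post');
  const body = rec.body || '';
  for (const [tag, needle] of Object.entries(BODY_PATTERNS)) {
    if (body.includes(needle)) tags.push(tag);
  }
  if (IOC_IPS.has(rec.src_ip)) tags.push('ioc_ip');
  return tags;
}

// The action header alone is normal Server Action traffic (info); a body
// pattern or a listed source IP is the signal worth escalating (high).
function severity(tags) {
  if (tags.some((t) => t === 'ioc_ip' || t.startsWith('body_'))) return 'high';
  return tags.length ? 'info' : null;
}

// Scan JSON-lines text and return one hit per request that fired any tag.
function scanLog(jsonl) {
  const hits = [];
  for (const line of jsonl.split('\n')) {
    if (!line.trim()) continue;
    let rec;
    try { rec = JSON.parse(line); } catch (e) { continue; }   // skip malformed lines
    const tags = classify(rec);
    const sev = severity(tags);
    if (sev) hits.push({ ts: rec.ts, src_ip: rec.src_ip, path: rec.path, severity: sev, tags });
  }
  return hits;
}

// Constructed records: a benign Server Action call, an exploitation attempt
// carrying both published body patterns from a listed IP, and an ordinary GET.
const SAMPLE_LOG = [
  JSON.stringify({ ts: '2025-12-05T06:00:01Z', src_ip: '203.0.113.10', method: 'POST', path: '/',
    headers: { 'next-action': 'abc123', 'content-type': 'text/plain' }, body: '["form-data"]' }),
  JSON.stringify({ ts: '2025-12-05T06:00:02Z', src_ip: '45.77.33.136', method: 'POST', path: '/',
    headers: { 'Next-Action': 'x' }, body: '{"status":"resolved_model","$@":1}' }),
  JSON.stringify({ ts: '2025-12-05T06:00:03Z', src_ip: '198.51.100.7', method: 'GET', path: '/about',
    headers: {}, body: '' }),
].join('\n');

console.log(JSON.stringify(scanLog(SAMPLE_LOG), null, 2));
```

Because the body patterns are substrings of normal Flight traffic in some applications, review "high" hits against the host-based indicators above (reconnaissance commands, /tmp writes, unexpected child processes of the Node.js process) before declaring a compromise.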


Source: Wiz Research

