Threat actors are actively exploiting the recently disclosed React2Shell vulnerability (CVE-2025-55182), targeting many systems worldwide. Multiple threat groups, including Earth Lamia and Jackpot Panda, are attempting to leverage both fake and working PoC exploits, indicating high danger levels for affected organizations. #React2Shell #CVE-2025-55182
Keypoints
- The React2Shell vulnerability allows unauthenticated remote code execution via specially crafted HTTP requests.
- It impacts React version 19, which is widely used in numerous websites and cloud environments.
- Exploitation attempts by threat groups like Earth Lamia and Jackpot Panda have been detected shortly after disclosure.
- Some threat actors are using fake PoC exploits, but at least one working exploit is available publicly.
- Security experts warn that automated scanners and active troubleshooting increase the risk of widespread exploitation.
Read More: https://www.securityweek.com/chinese-hackers-exploiting-react2shell-vulnerability/