The U.S. CISA has issued an urgent patch recommendation for the CVE-2025-55182 vulnerability affecting React Server Components, which can be exploited through a simple HTTP request to execute privileged JavaScript. Threat actors are actively exploiting the flaw across various platforms, targeting government, infrastructure, and high-value technology assets. #CISA #React2Shell #CVE2025-55182
Key points
- The React2Shell vulnerability affects React Server Components and related frameworks like Next.js and Vite.
- Exploitation is widespread, with attackers targeting internet-facing applications and cloud services globally.
- Threat actors conduct reconnaissance using scanning tools to find vulnerable systems across regions, including Taiwan and Xinjiang Uyghur.
- Recent attacks have included probing activity, malware delivery, and cryptocurrency mining using the vulnerability.
- Over 137,200 vulnerable IP addresses are exposed online, mostly in the U.S., with active exploitation campaigns ongoing.
Read More: https://thehackernews.com/2025/12/react2shell-exploitation-escalates-into.html