Releases: Syrins/CVE-2025-55182-React2Shell-RCE

CVE-2025-55182 – React2Shell RCE GUI

08 Dec 09:54
b030c0b

Features

  • 🖥 Modern GUI

    • Dark neon theme with side panel, status badges, and live console
    • Built with CustomTkinter (Python)
  • 🔍 Target Scanner

    • Enter a single target URL (RSC / Next.js server action endpoint)
    • One-click “SCAN TARGET” button
    • Clear status:
      • Vulnerable – appears exploitable via React2Shell
      • Appears safe – exploit pattern not observed
      • Error messages for timeouts / connectivity issues
  • 💣 Command Execution (for confirmed vulnerable systems)

    • Command input box with “RUN” button
    • Only enabled after a successful vulnerability check
    • Output returned and shown in a timestamped console
  • Quick Commands

    • One-click buttons for common forensics commands (e.g. whoami, hostname, id)
    • Helpful for quick validation and basic triage on test systems
  • 🧾 Verbose Logging

    • Timestamped log lines: [HH:MM:SS] [LEVEL] message
    • Scan start / finish, decisions, and command output all visible

Full Changelog: https://github.com/Syrins/CVE-2025-55182-React2Shell-RCE/commits/v1.0.0