Security Advisory: React2Shell (CVE-2025-55182) - Critical RCE Vulnerability скачать в хорошем качестве

Security Advisory: React2Shell (CVE-2025-55182) - Critical RCE Vulnerability

A critical vulnerability affecting React Server Components (RSC) is being actively exploited. On December 03, 2025, CVE-2025-55182 (nicknamed React2Shell) was publicly disclosed with a CVSS score of 10.0. Within hours, multiple China-nexus threat groups began targeting vulnerable applications. This vulnerability affects: -React 19.x -Next.js 15.x and 16.x (when using App Router) -Other frameworks using RSC (Waku, Vite with RSC plugins) Even applications that do not explicitly use server functions are vulnerable if they support RSC. What Makes This Serious: The vulnerability allows unauthenticated remote code execution (RCE) through improper deserialization. What caught our attention is how quickly adversaries moved—exploitation attempts were observed in honeypots within hours of disclosure. We have seen everything from reconnaissance activity and credential harvesting to cryptominers and sophisticated backdoors using Sliver implants. Read more and learn what to look out for on our website: https://trustedsec.com/about-us/news/... For more information about TrustedSec, please visit our website: https://trustedsec.com/