Remote Code Execution (React2Shell)

ID

remote_code_execution_react2shell

Severity

critical

Kind

Remote Code Execution

CWE

78

Description

The server is running Next.js with a vulnerable React Server Components (RSC) implementation, which allows an unauthenticated remote attacker to execute arbitrary code on the server. The flaw is in how the server-side RSC code deserializes payloads sent by clients (for example, Server Function calls from an App Router application): a specially crafted request body is processed in a way that leads to code execution in the Node.js process serving the application.

Rationale

The React2Shell vulnerability sits in the React Server Components deserialization layer, which is supposed to keep client-supplied data on the data side of the client/server boundary. Vulnerable React versions deserialize a crafted RSC payload in a way that lets attacker-controlled content reach code execution while the request is being handled, so an attacker only needs to send an HTTP request with a malicious serialized body to the application; no authentication or user interaction is required. The code runs with the privileges of the server process, so a successful exploit gives complete control of the application server: the attacker can read secrets and user data, alter application behaviour, or establish persistence on the host. Note that Next.js bundles its own copy of the React server runtime, so a Next.js application is affected through the version of next it runs, not only through any react-server-dom-* packages listed in its lockfile.

Remediation

Upgrade to the latest versions of the React and Next.js packages you use. Specifically, update to the releases that fix CVE-2025-55182 and CVE-2025-66478, following the version tables in the corresponding advisories. Update every package that carries the React Server Components runtime: react-server-dom-webpack, react-server-dom-parcel or react-server-dom-turbopack (whichever your bundler uses) together with react and react-dom, and the next package itself, since Next.js ships a bundled copy of that runtime and is not fixed by upgrading the react-server-dom-* packages alone. After upgrading, inspect the resolved dependency tree (for example with npm ls) rather than only package.json: a nested or transitively installed copy of a vulnerable version is still exploitable even when the top-level dependency is patched. Then redeploy and verify that the running build contains the patched versions.