Hasty Briefs (beta)

React2Shell and related RSC vulnerabilities threat brief

2 days ago
  • #vulnerability
  • #react
  • #cybersecurity
  • Critical React2Shell vulnerability (CVE-2025-55182) disclosed on December 3, 2025, with a CVSS score of 10.0.
  • Immediate exploitation observed, with scanning and probing from Asian-nexus threat groups.
  • The vulnerability is unsafe deserialization of attacker-controlled payloads in the React Server Components (RSC) Flight protocol, which leads to remote code execution (RCE) on the server.
  • Cloudflare deployed WAF rules to block exploitation attempts, available to both free and paid customers.
  • Additional vulnerabilities CVE-2025-55183 and CVE-2025-55184 disclosed, related to RSC payload handling.
  • Threat actors used tools like Nuclei, Burp Suite, and custom scanners for reconnaissance and exploitation.
  • Targeting focused on high-value entities in regions like Taiwan, Xinjiang Uygur, Vietnam, Japan, and New Zealand.
  • Cloudflare observed 582.10M hits related to React2Shell exploitation attempts within days of disclosure.
  • Payload analysis showed a wide range of sizes, with some outliers up to 375 MB.
  • Cloudflare's multi-layered protection combines the WAF rules with the isolation of the Cloudflare Workers runtime.
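The brief notes that exploitation rides on RSC Flight payloads, that probing came from scanners such as Nuclei and Burp Suite, and that observed payloads ranged up to 375 MB. The following is an added log-triage example (not Cloudflare's code, and not its WAF logic) that turns those observations into a first-pass detection over constructed access-log entries. It assumes a Next.js deployment, where server-action requests are POSTs carrying a `Next-Action` header, takes body size from `Content-Length`, and uses a 1 MiB cap plus User-Agent substrings as heuristic thresholds; all of those are assumptions, not facts from the brief.

```javascript
// Added example: triage of constructed access-log entries for React2Shell
// (CVE-2025-55182) probing. Not code from the brief or from Cloudflare.
// Assumptions (not stated in the brief): Next.js server-action requests are
// POSTs with a `Next-Action` header; body size comes from Content-Length;
// the 1 MiB cap and the User-Agent markers are heuristic choices.

const MAX_ACTION_BODY_BYTES = 1 * 1024 * 1024; // assumed policy cap for server-action bodies
const SCANNER_UA_MARKERS = ['nuclei', 'burp']; // tools named in the brief; substring match is heuristic

// Lower-case header names so lookups are case-insensitive.
function lowerKeys(obj) {
  return Object.fromEntries(Object.entries(obj).map(([k, v]) => [k.toLowerCase(), v]));
}

// Classify one log entry and return the reasons (if any) it deserves a look.
function classifyRequest(entry) {
  const headers = lowerKeys(entry.headers || {});
  const reasons = [];
  const isServerAction = entry.method === 'POST' && 'next-action' in headers;
  const bodyBytes = Number(headers['content-length'] || 0);
  const ua = String(headers['user-agent'] || '').toLowerCase();

  // Outlier payloads (the brief cites sizes up to 375 MB) on an action route.
  if (isServerAction && bodyBytes > MAX_ACTION_BODY_BYTES) reasons.push('oversized-action-body');
  // Scanner fingerprints in the User-Agent.
  if (SCANNER_UA_MARKERS.some((m) => ua.includes(m))) reasons.push('scanner-user-agent');
  // Server errors on action routes often accompany malformed Flight payloads.
  if (isServerAction && entry.status >= 500) reasons.push('action-5xx');

  return { ip: entry.ip, isServerAction, bodyBytes, reasons };
}

// Run classification over a log and aggregate per source IP.
function triage(entries) {
  const perIp = {};
  const flagged = [];
  for (const entry of entries) {
    const c = classifyRequest(entry);
    if (c.reasons.length > 0) flagged.push(c);
    const s = perIp[c.ip] || { total: 0, actions: 0, flagged: 0 };
    s.total += 1;
    if (c.isServerAction) s.actions += 1;
    if (c.reasons.length > 0) s.flagged += 1;
    perIp[c.ip] = s;
  }
  return { flagged, perIp };
}

// Constructed sample log (documentation IP ranges; not real traffic).
const SAMPLE_LOG = [
  { ip: '203.0.113.10', method: 'POST', path: '/', status: 200,
    headers: { 'Next-Action': 'abc123', 'Content-Length': '512', 'User-Agent': 'Mozilla/5.0' } },
  { ip: '198.51.100.7', method: 'POST', path: '/', status: 500,
    headers: { 'Next-Action': 'abc123', 'Content-Length': '393216000', 'User-Agent': 'Mozilla/5.0' } },
  { ip: '198.51.100.7', method: 'GET', path: '/', status: 404,
    headers: { 'User-Agent': 'Nuclei - Open-source project (github.com/projectdiscovery/nuclei)' } },
  { ip: '192.0.2.44', method: 'POST', path: '/api', status: 200,
    headers: { 'Content-Length': '2048', 'User-Agent': 'Mozilla/5.0' } },
  { ip: '192.0.2.44', method: 'POST', path: '/', status: 500,
    headers: { 'Next-Action': 'def456', 'Content-Length': '900', 'User-Agent': 'Mozilla/5.0' } },
];

const report = triage(SAMPLE_LOG);
for (const f of report.flagged) {
  console.log(`${f.ip} action=${f.isServerAction} bytes=${f.bodyBytes} reasons=${f.reasons.join(',')}`);
}
console.log(JSON.stringify(report.perIp));
```

The size and status checks only trigger on requests that are actually server actions, so ordinary POSTs to other routes (the `/api` entry above) are not counted against a source; this keeps the per-IP counts meaningful when deciding whom to block or rate-limit at the edge.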