top of page
perceptive_background_267k.jpg

Chinese Hackers Have Started Exploiting the Newly Disclosed React2Shell Vulnerability

Published:

5 December 2025 at 14:10:00

Alert date:

5 December 2025 at 16:00:59

Source:

thehackernews.com

Click to open the original link from this advisory

Chinese threat actors have rapidly weaponized CVE-2025-55182 (React2Shell) within hours of public disclosure. The critical vulnerability in React Server Components allows unauthenticated remote code execution with a CVSS score of 10.0. Two China-linked hacking groups are actively exploiting this flaw. Patches are available in React versions 19.0.1, 19.1.2, and 19.2.1. The vulnerability represents a significant threat due to the widespread use of React and the immediate exploitation by threat actors.

Technical details

Mitigation steps:

Affected products:

React Server Components

Related links:

https://thehackernews.com/2025/12/chinese-hackers-have-started-exploiting.html

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page