Intelligence Tag

React2Shell Remote Code Execution

CVSS 10.0 unauthenticated RCE flaw in React Server Components and Next.js frameworks allowing arbitrary code execution on susceptible web servers without user interaction.

1 intelligence brief
  • RondoDox Botnet Exploits React2Shell CVSS 10.0 to Hijack 90,300+ IoT Devices and Web Servers

    A sophisticated botnet campaign spanning nine months has targeted IoT devices and web applications worldwide, exploiting React2Shell CVE-2025-55182 (CVSS 10.0) as its primary initial access vector since December 2025. With 68,400 vulnerable instances in the U.S. alone, RondoDox systematically enrolls victims into cryptocurrency mining and botnet relay infrastructure.

    8–12 minutes