React2Shell Remote Code Execution
CVSS 10.0 unauthenticated RCE flaw in React Server Components and Next.js frameworks allowing arbitrary code execution on susceptible web servers without user interaction.
-
RondoDox Botnet Exploits React2Shell CVSS 10.0 to Hijack 90,300+ IoT Devices and Web Servers
A sophisticated botnet campaign spanning nine months has targeted IoT devices and web applications worldwide, exploiting React2Shell CVE-2025-55182 (CVSS 10.0) as its primary initial access vector since December 2025. With…
·
·
8–12 minutes
