React2Shell vulnerability detection now possible

Security business menu

Security business
HOME

Service

Handling Manufacturer

Examples/reports/
Blog/Glossary

Seminar/
video on demand

TOP

Products/Services

product
- ANTERAS Attack Surface Management
service
- ASM Alert Triage Service
- ASM Entry Service

User stories

Seminar content

Document request

inquiry

Event/Seminar

video on demand

ANTERAS

Antelace

React2Shell vulnerability detection now available

ANTERAS ASM can now detect the React2Shell vulnerability / CVE-2025-55182, which has been reported to have numerous breaches both domestically and internationally.

On December 3, 2025, an unauthenticated remote code execution vulnerability in React Server Components (CVE-2025-55182/commonly known as React2Shell) was made public ^*1. Since then, various threat actors have been exploiting this vulnerability in attacks, and numerous cases of intrusions have been reported both domestically and internationally.

As of December 8, 2025, it is possible to investigate this vulnerability using ANTERAS Attack Surface Management (ANTERAS ASM), provided by Macnica.

React is a library that is widely used when building websites and web applications. Our own research has confirmed that approximately 90% of Japanese companies surveyed use React or React-based frameworks such as Next.js.

If you investigate usage within your organization and find that a website is affected by the vulnerability, be sure to conduct a breach investigation (check for traces of attack) as widespread attacks have already occurred.

What is ANTERAS ASM?

In June 2021, Macnica was one of the first companies in Japan to launch its own proprietary ASM solution. ANTERAS ASM utilizes a proprietary AI-driven tool developed with the expertise of the Macnica Security Research Center, and also incorporates expert investigations as needed, enabling accurate and comprehensive surveys. This allows for the identification of assets, including overseas locations, such as domains and rogue servers that customers themselves may not be aware of, and enables effective countermeasures against high-risk assets based on a unique risk index that takes attacker trends into account.

In addition, we are also focusing on expanding our functionality by providing a patent-pending method for safely identifying vulnerabilities in VPN devices and other devices from outside, as well as a web portal designed specifically for ASM operations.

Click here for more details about ANTERAS ASM

https://www.macnica.co.jp/business/security/manufacturers/anteras/asm.html

*1 JPCERT Coordination Center, "React Server Components Vulnerability (CVE-2025-55182)"

Inquiry/Document request

Macnica ANTERAS Department

inquiry Document request

TEL：045-476-2010
E-mail：sec-service@macnica.co.jp

Weekdays: 9:00-17:00