[[message.message]]
ET WEB_SPECIFIC_APPS Vite RSC React2Shel... ET WEB_SPECIFIC_APPS Vite RSC React2Shell Unsafe Flight Protocol Property Access (CVE-2025-55182)
Here you can find all the details about the rule " ET WEB_SPECIFIC_APPS Vite RSC React2Shel... ET WEB_SPECIFIC_APPS Vite RSC React2Shell Unsafe Flight Protocol Property Access (CVE-2025-55182) ". Propose edits, view related rules, and engage with the community through comments.
[[ currentRule.format.toUpperCase()
]]
[[ currentRule.title ]]
[[ currentRule.editor[0].toUpperCase() ]]
[[ currentRule.author[0].toUpperCase() ]]
[[ currentRule.editor ]]
[[ currentRule.author ]]
|
[[ dayjs.utc(currentRule.last_modif).fromNow() ]]
[[ currentRule.description ]]
Original UUID:
2066028
UUID:
c9392596-850c-4fb0-891d-2722ca3f2fa7
Created:
19/12/2025
License:
GPL-2.0
Source:
Unknown
Source:
[[ currentRule.source ]]
[[ currentRule.source ]]
Editor:
admin admin
Rule Content
v 1.0 v [[ currentRule.version ]][[ currentRule.to_string ]]{
"uuid": "55075924-3318-47f8-a960-1f83a097da8b",
"Object": [
{
"name": "suricata",
"meta-category": "network",
"template_uuid": "3c177337-fb80-405a-a6c1-1b2ddea8684a",
"description": "An object describing one or more Suricata rule(s) along with version and contextual information.",
"template_version": "2",
"uuid": "e9ac906e-c6b4-49c0-825d-3ce1b1ca0527",
"Attribute": [
{
"uuid": "f8f1b70d-7438-451f-9187-3e1dda3186d0",
"object_relation": "suricata",
"value": "alert http any any -> $HOME_NET any (msg:\"ET WEB_SPECIFIC_APPS Vite RSC React2Shell Unsafe Flight Protocol Property Access (CVE-2025-55182)\"; flow:established,to_server; http.header; to_lowercase; content:\"x-rsc-action|3a 20|\"; fast_pattern; http.content_type; content:\"multipart/form-data|3b|\"; http.request_body; content:\"|24 40|\"; pcre:\"/^[0-9a-fA-F]+\\x22?\\x0d\\x0a/R\"; content:\"|22|_prefix|22|\"; content:\"|22|_formData|22|\"; content:\"|22 24|\"; pcre:\"/^[0-9a-fA-F]+\\x3a(?:__proto__|constructor|Module)\\x3a/R\"; http.method; content:\"POST\"; reference:url,github.com/acheong08/CVE-2025-55182-vite-rsc; reference:url,react2shell.com/; reference:cve,2025-55182; classtype:web-application-attack; sid:2066028; rev:3; metadata:affected_product Vite, attack_target Server, tls_state TLSDecrypt, created_at 2025_12_04, cve CVE_2025_55182, deployment Perimeter, deployment Internal, deployment SSLDecrypt, confidence Medium, signature_severity Major, tag Exploit, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2025_12_08, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application; target:dest_ip;)",
"type": "snort",
"disable_correlation": false,
"to_ids": true,
"category": "Network activity"
},
{
"uuid": "02d85fcb-d393-4fbf-a712-013939f104c4",
"object_relation": "suricata-rule-name",
"value": "ET WEB_SPECIFIC_APPS Vite RSC React2Shell Unsafe Flight Protocol Property Access (CVE-2025-55182)",
"type": "text",
"disable_correlation": false,
"to_ids": false,
"category": "Other"
},
{
"uuid": "9816ae83-50b0-4bc7-87c3-9fe2601d056d",
"object_relation": "comment",
"value": "No description provided",
"type": "comment",
"disable_correlation": false,
"to_ids": false,
"category": "Other"
},
{
"uuid": "a9046ec1-0498-4eb3-a64c-c08d56fa41f0",
"object_relation": "version",
"value": "3",
"type": "text",
"disable_correlation": false,
"to_ids": false,
"category": "Other"
},
{
"uuid": "ba1a5685-5c99-4c05-9fe3-57bde806aa74",
"object_relation": "reference",
"value": "emerging-all.rules.zip by admin admin",
"type": "link",
"disable_correlation": false,
"to_ids": false,
"category": "External analysis"
}
],
"distribution": "5",
"sharing_group_id": "0"
}
]
}Similar Rules
Related Bundles
[[ bundleListRule.length ]] TotalNo bundles found for this rule.
Loading...
Please log in to propose an edit.
No edit proposals found for this rule.
[[ comments_list.length ]] Comments
Join the conversation
Login to replyCommunity Discussion
No comments yet
Be the first to share your thoughts on this rule!