Idan_Soen_FTNT
Staff
December 5, 2025

Technical Tip: FortiWeb and FortiAppSec customers protected against CVE-2025-55182 (React, Node.js vulnerability)

Description

This article describes the FortiWeb and FortiAppSec protection for CVE-2025-55182.

 

On December 3, 2025, the React and Next.js teams disclosed a critical security flaw, rated CVSS 10.0, tracked as CVE-2025-55182 and nicknamed React2Shell. It affects applications that use React Server Components together with Server Actions or Server Functions.

The flaw stems from insufficient validation of untrusted client input in the server-side React Server Components code that handles these calls: an unauthenticated attacker can send a crafted request to a Server Function endpoint and trigger unintended behavior on the server.

When exploited, the bug yields remote code execution with no prior authentication, so it poses a serious risk to the many modern React and Next.js deployments that rely on these server capabilities.

Scope

FortiWeb, FortiAppSec, CVE-2025-55182.

Solution
  • FortiWeb: FortiWeb already shipped signatures covering CVE-2025-55182 exploits; after the public disclosure, additional exploit variations appeared that needed further coverage. On December 4, the FortiGuard research team released new signatures for those variations. Deployments using Fortinet's Standard signature set receive them automatically; confirm that the signature database on the device has updated to a release dated December 4 or later.
  • FortiAppSec: A new signature was likewise deployed to FortiAppSec for all users. Users with FortiAppSec's Known Attack protection module enabled are protected immediately.

These signatures are a compensating control in front of the application. The definitive fix is to update to the patched React and Next.js releases published with the disclosure, and to review traffic to Server Action endpoints from the period before the updated signatures were active.
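The crafted requests the article describes reach a Next.js application as Server Action POSTs, which Next.js marks with a `Next-Action` request header carrying the action id. The following is an added example, not code from the Fortinet article or from any Fortinet product: a Python triage script that scans reverse-proxy logs for those invocations, groups them by client and action id, and flags the ones seen before an assumed signature cut-over time so the exposure window can be scoped. The JSON-lines log format, the sample lines and the cut-over timestamp are all constructed for the example; the script does not judge whether a request was an exploit, it only narrows down which clients hit Server Actions and when.

```python
"""Triage of Next.js Server Action traffic from proxy logs (added example).

A Next.js Server Action is invoked with a POST whose `Next-Action` header
holds the action id; the URL path is just the page that issued the call, so
the header, not the path, identifies these requests.  Given proxy logs that
record request headers, this picks out the Server Action POSTs and groups
them by client and action id, marking those that arrived before the WAF
signature update.  Log format and sample lines are constructed.
"""
import json
from datetime import datetime, timezone

# Constructed sample: one JSON object per line, as a proxy could be configured
# to emit.  Header names are lower-cased as most proxies log them.
SAMPLE_LOG = """\
{"ts": "2025-12-03T22:14:05Z", "src": "203.0.113.7", "method": "POST", "path": "/", "status": 500, "headers": {"next-action": "7f1c2a9e8d3b", "content-type": "text/plain;charset=UTF-8"}}
{"ts": "2025-12-03T22:14:07Z", "src": "203.0.113.7", "method": "POST", "path": "/", "status": 500, "headers": {"next-action": "7f1c2a9e8d3b", "content-type": "multipart/form-data; boundary=x"}}
{"ts": "2025-12-04T09:01:11Z", "src": "198.51.100.20", "method": "POST", "path": "/checkout", "status": 200, "headers": {"next-action": "3a9d0e1f55ab", "content-type": "text/plain;charset=UTF-8"}}
{"ts": "2025-12-04T09:02:30Z", "src": "198.51.100.20", "method": "GET", "path": "/checkout", "status": 200, "headers": {"accept": "text/html"}}
{"ts": "2025-12-05T16:40:00Z", "src": "203.0.113.7", "method": "POST", "path": "/", "status": 403, "headers": {"next-action": "7f1c2a9e8d3b", "content-type": "text/plain;charset=UTF-8"}}
"""

# Assumed cut-over: when the updated signatures became active on the WAF in
# front of this app.  The article dates the FortiGuard release to December 4;
# the exact hour is a placeholder to replace with the device's own update log.
SIGNATURES_ACTIVE_AT = datetime(2025, 12, 4, 0, 0, tzinfo=timezone.utc)


def parse_ts(value):
    """Parse the ISO-8601 UTC timestamp used in the constructed log."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def server_action_requests(log_text):
    """Return every Server Action invocation found in the log text.

    A Server Action call is a POST carrying a Next-Action header.  Each hit
    records client, action id, status, content type and whether it arrived
    before the signature cut-over.
    """
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        headers = {k.lower(): v for k, v in rec.get("headers", {}).items()}
        action_id = headers.get("next-action")
        if rec.get("method") != "POST" or action_id is None:
            continue
        ts = parse_ts(rec["ts"])
        hits.append({
            "ts": ts,
            "src": rec["src"],
            "action_id": action_id,
            "status": rec["status"],
            "content_type": headers.get("content-type", ""),
            # Requests seen before the update were not covered by the new signatures.
            "before_signatures": ts < SIGNATURES_ACTIVE_AT,
        })
    return hits


def summarize(hits):
    """Group hits by (client, action id); count those in the unprotected window
    and those the server answered with a 5xx (worth a closer look, not proof)."""
    summary = {}
    for h in hits:
        key = (h["src"], h["action_id"])
        s = summary.setdefault(key, {"total": 0, "before_signatures": 0, "server_errors": 0})
        s["total"] += 1
        s["before_signatures"] += int(h["before_signatures"])
        s["server_errors"] += int(500 <= h["status"] < 600)
    return summary


if __name__ == "__main__":
    found = server_action_requests(SAMPLE_LOG)
    for (src, action), s in sorted(summarize(found).items()):
        print(f"{src:15} action={action} total={s['total']} "
              f"before_signatures={s['before_signatures']} 5xx={s['server_errors']}")
```

Point the script at the proxy's real log export and replace `SIGNATURES_ACTIVE_AT` with the timestamp from the device's signature update record; clients that show up only before that time, especially with repeated 5xx responses to the same action id, are the ones to pull application logs for.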

Related article:
React2Shell Remote Code Execution (RCE) Vulnerability