{"id":139,"date":"2025-12-06T10:30:47","date_gmt":"2025-12-06T07:30:47","guid":{"rendered":"https:\/\/demo.bravisthemes.com\/cyberguard\/?p=139"},"modified":"2025-12-06T18:34:02","modified_gmt":"2025-12-06T15:34:02","slug":"react2shell-kritik-rce-guvenlik-zafiyeti","status":"publish","type":"post","link":"https:\/\/sentrasecurity.com.tr\/en\/react2shell-kritik-rce-guvenlik-zafiyeti\/","title":{"rendered":"React2Shell: Kritik RCE G\u00fcvenlik Zafiyeti"},"content":{"rendered":"
\n\t\t\t\t
\t\t
\n\t\t\t\t
\n\t\t\t\t\t
\r\n
\r\n \r\n
\r\n \"reactimg\" <\/div>\r\n <\/div>\r\n<\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\t\t
\n\t\t\t\t
\n\t\t\t\t\t
\n\t
\n\t\t
\n\t\t\t

CVE-2025-55182 ve CVE-2025-66478 olarak takip edilen, React Server Components \u00fczerinde tespit edilen kritik uzaktan kod \u00e7al\u0131\u015ft\u0131rma a\u00e7\u0131\u011f\u0131 (React2Shell), React ve Next.js ekipleri taraf\u0131ndan do\u011fruland\u0131. Bu zafiyet, kimlik do\u011frulamas\u0131 olmadan sunucu taraf\u0131nda kod y\u00fcr\u00fct\u00fclmesine imk\u00e2n tan\u0131d\u0131\u011f\u0131 i\u00e7in modern web uygulamalar\u0131 a\u00e7\u0131s\u0131ndan ciddi bir g\u00fcvenlik riski olu\u015fturuyor.<\/p>

Bu a\u00e7\u0131k, temelde g\u00fcvensiz veri ayr\u0131\u015ft\u0131rmas\u0131ndan kaynaklan\u0131yor. React\u2019\u0131n sunucu taraf\u0131ndaki istek \u00e7\u00f6z\u00fcmleme s\u00fcreci sald\u0131rgan taraf\u0131ndan kontrol edilen verileri uygun \u015fekilde do\u011frulamad\u0131\u011f\u0131ndan, uygulamada herhangi bir server function tan\u0131ml\u0131 olmasa bile kod \u00e7al\u0131\u015ft\u0131r\u0131labiliyor.<\/p>

React ve Next.js’nin devasa kullan\u0131m hacmi d\u00fc\u015f\u00fcn\u00fcld\u00fc\u011f\u00fcnde bu zafiyetin olu\u015fturabilece\u011fi etki olduk\u00e7a geni\u015f.<\/p>\t\t\n\t\t<\/div>\n\t<\/div>\n<\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\r\n\t\t

\t\t
\n\t\t\t\t
\n\t\t\t\t\t
\r\n \t
\r\n \t\t\t
\r\n\t\t\t\t\t\t\t\t\t\t\t
\r\n\t\t 1\t\t <\/div>\r\n\t \t
\r\n\t \t\t\t\t\t\t\t\t
\r\n\t\t\t React2Shell Zafiyetinin \u00d6zeti\t\t\t <\/h5>\r\n\t\t \r\n\t\t \t\t\t
\r\n\t\t\t \nreact-server-dom-webpack, react-server-dom-parcel ve react-server-dom-turbopack paketleri sunucu fonksiyonlar\u0131n\u0131n yeniden olu\u015fturulmas\u0131 s\u0131ras\u0131nda g\u00fcvensiz bir \u00f6zellik \u00e7\u00f6z\u00fcmleme y\u00f6ntemi kullan\u0131yor. 19.0.0, 19.1.0, 19.1.1 ve 19.2.0 s\u00fcr\u00fcmleri ile \u00e7ok say\u0131da canary, rc ve deneysel s\u00fcr\u00fcm bu sorunlardan etkileniyor.\nNext.js taraf\u0131nda ise 14.3.0-canary.77 ile 14.3.0-canary.88 aras\u0131ndaki s\u00fcr\u00fcmler ile 15.x ve 16.x s\u00fcr\u00fcmleri etkilenmi\u015f durumda.\nServer function kullanm\u0131yor olsan\u0131z bile React Server Components deste\u011fi varsa uygulaman\u0131z savunmas\u0131z olabilir.\nSald\u0131rgan taraf\u0131ndan haz\u0131rlanm\u0131\u015f \u00f6zel bir HTTP iste\u011fi, \u00e7\u00f6z\u00fcmleme s\u00fcrecine k\u00f6t\u00fc ama\u00e7l\u0131 metadata enjekte ederek mod\u00fcl yap\u0131s\u0131na eri\u015fim sa\u011flayabiliyor. Bu da tek bir istekle tamamen yetkisiz kod \u00e7al\u0131\u015ft\u0131rmaya yol a\u00e7abiliyor.\n\t\t\t <\/div>\r\n\t\t \t <\/div>\r\n\t <\/div>\r\n\t \t
\r\n\t\t\t\t\t\t\t\t\t\t\t
\r\n\t\t 2\t\t <\/div>\r\n\t \t
\r\n\t \t\t\t\t\t\t\t\t
\r\n\t\t\t Etkilenenler\t\t\t <\/h5>\r\n\t\t \r\n\t\t \t <\/div>\r\n\t <\/div>\r\n\t \t<\/div>\r\n <\/div>\r\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t
\n\t
\n\t\t
\n\t\t\t

A\u015fa\u011f\u0131daki paket s\u00fcr\u00fcmlerinden herhangi biri kullan\u0131l\u0131yorsa zafiyetten etkileniyorsunuz:<\/p>

  1. react-server-dom-webpack \/ parcel \/ turbopack<\/strong>
    19.0.0, 19.1.0, 19.1.1, 19.2.0<\/li>
  2. Next.js<\/strong>
    \u226514.3.0-canary.77, <14.3.0-canary.88, 15.x, 16.x<\/li>
  3. React Router, Waku, Redwood, Vite RSC eklentisi ve Parcel RSC<\/strong> gibi bir\u00e7ok \u00e7\u00f6z\u00fcm de bu paketlerin g\u00fcvenlik a\u00e7\u0131\u011f\u0131 i\u00e7eren s\u00fcr\u00fcmlerini g\u00f6m\u00fcl\u00fc olarak kullan\u0131yor olabilir.<\/li><\/ol>\t\t\n\t\t<\/div>\n\t<\/div>\n<\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\r\n\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t
    \r\n \t
    \r\n \t\t\t
    \r\n\t\t\t\t\t\t\t\t\t\t\t
    \r\n\t\t 3\t\t <\/div>\r\n\t \t
    \r\n\t \t\t\t\t\t\t\t\t
    \r\n\t\t\t Ge\u00e7ici Koruma\t\t\t <\/h5>\r\n\t\t \r\n\t\t \t\t\t
    \r\n\t\t\t Web uygulama g\u00fcvenlik duvarlar\u0131 (WAF), belirli k\u00f6t\u00fc ama\u00e7l\u0131 istekleri filtreleyerek k\u0131smi koruma sa\u011flayabilir. Ancak bu kal\u0131c\u0131 bir \u00e7\u00f6z\u00fcm de\u011fildir.\t\t\t <\/div>\r\n\t\t \t <\/div>\r\n\t <\/div>\r\n\t \t
    \r\n\t\t\t\t\t\t\t\t\t\t\t
    \r\n\t\t 4\t\t <\/div>\r\n\t \t
    \r\n\t \t\t\t\t\t\t\t\t
    \r\n\t\t\t Kal\u0131c\u0131 \u00c7\u00f6z\u00fcm\t\t\t <\/h5>\r\n\t\t \r\n\t\t \t <\/div>\r\n\t <\/div>\r\n\t \t<\/div>\r\n <\/div>\r\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t
    \n\t
    \n\t\t
    \n\t\t\t

    React ve Next.js\u2019in g\u00fcncellenmi\u015f s\u00fcr\u00fcmlerine ge\u00e7i\u015f yap\u0131lmas\u0131 zorunludur. G\u00fcvenli s\u00fcr\u00fcmler \u015fu \u015fekildedir<\/p>

    1. React<\/strong>
      19.0.1, 19.1.2, 19.2.1<\/p><\/li>

    2. Next.js<\/strong>
      14.3.0-canary.88, 15.0.5, 15.1.9, 15.2.6, 15.3.6, 15.4.8, 15.5.7, 16.0.7<\/p>

      Zafiyet i\u00e7eren s\u00fcr\u00fcmler npmjs \u00fczerinde kullan\u0131mdan kald\u0131r\u0131ld\u0131 ve listelenmiyor.<\/p><\/li><\/ol>\t\t\n\t\t<\/div>\n\t<\/div>\n<\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

      \n\t\t\t\t
      \n\t\t\t\t\t
      \r\n \t
      \r\n \t\t\t
      \r\n\t\t\t\t\t\t\t\t\t\t\t
      \r\n\t\t 5\t\t <\/div>\r\n\t \t
      \r\n\t \t\t\t\t\t\t\t\t
      \r\n\t\t\t React Kullanan T\u00fcm Uygulamalar \u0130\u00e7in \u00d6neri\t\t\t <\/h5>\r\n\t\t \r\n\t\t \t\t\t
      \r\n\t\t\t Server function kullanmad\u0131\u011f\u0131n\u0131z\u0131 d\u00fc\u015f\u00fcnseniz bile framework\u2019ler bu bile\u015fenleri dolayl\u0131 olarak i\u00e7erebildi\u011fi i\u00e7in React tabanl\u0131 t\u00fcm uygulamalar\u0131n h\u0131zl\u0131 \u015fekilde g\u00fcncellenmesi gerekir\t\t\t <\/div>\r\n\t\t \t <\/div>\r\n\t <\/div>\r\n\t \t
      \r\n\t\t\t\t\t\t\t\t\t\t\t
      \r\n\t\t 6\t\t <\/div>\r\n\t \t
      \r\n\t \t\t\t\t\t\t\t\t
      \r\n\t\t\t Son De\u011ferlendirme\t\t\t <\/h5>\r\n\t\t \r\n\t\t \t\t\t
      \r\n\t\t\t CVE-2025-55182 ve CVE-2025-66478, son y\u0131llarda JavaScript ekosisteminde g\u00f6r\u00fclen en ciddi a\u00e7\u0131klardan biri olarak \u00f6ne \u00e7\u0131k\u0131yor. Kimlik do\u011frulamas\u0131 gerektirmemesi, sald\u0131r\u0131lar\u0131n kolay uygulanabilir olmas\u0131, temel bir ayr\u0131\u015ft\u0131rma hatas\u0131na dayanmas\u0131 ve React\u2019\u0131n k\u00fcresel yayg\u0131nl\u0131\u011f\u0131, bu olay\u0131 y\u00fcksek \u00f6ncelikli bir g\u00fcvenlik g\u00fcndemi h\u00e2line getiriyor. Tarama faaliyetleri h\u0131zla ba\u015flam\u0131\u015f durumda ve istismar kodlar\u0131 aktif olarak payla\u015f\u0131lm\u0131\u015f halde.\nG\u00fcncellemeleri uygulamak, bu riski ortadan kald\u0131rman\u0131n tek g\u00fcvenilir yoludur.\n\t\t\t <\/div>\r\n\t\t \t <\/div>\r\n\t <\/div>\r\n\t \t<\/div>\r\n <\/div>\r\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
      \t\t<\/div>\r\n\t\t\t\t<\/div>\r\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"

      CVE-2025-55182 ve CVE-2025-66478 olarak takip edilen, React Server Components \u00fczerinde tespit edilen kritik uzaktan kod \u00e7al\u0131\u015ft\u0131rma a\u00e7\u0131\u011f\u0131 (React2Shell), React ve Next.js ekipleri taraf\u0131ndan do\u011fruland\u0131. Bu zafiyet, kimlik do\u011frulamas\u0131 olmadan sunucu taraf\u0131nda kod y\u00fcr\u00fct\u00fclmesine imk\u00e2n tan\u0131d\u0131\u011f\u0131 i\u00e7in modern web uygulamalar\u0131 a\u00e7\u0131s\u0131ndan ciddi bir g\u00fcvenlik riski olu\u015fturuyor. Bu a\u00e7\u0131k, temelde g\u00fcvensiz veri ayr\u0131\u015ft\u0131rmas\u0131ndan kaynaklan\u0131yor. React\u2019\u0131n sunucu taraf\u0131ndaki […]<\/p>\n","protected":false},"author":1,"featured_media":2425,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[19,20,9,22,21,16,17],"class_list":["post-139","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-zero-day","tag-cve-2025-55182","tag-cve-2025-66478","tag-cybersecurity","tag-react2shell","tag-reactjs-vulnerability","tag-threat-detection","tag-zero-day"],"_links":{"self":[{"href":"https:\/\/sentrasecurity.com.tr\/en\/wp-json\/wp\/v2\/posts\/139","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sentrasecurity.com.tr\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sentrasecurity.com.tr\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sentrasecurity.com.tr\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sentrasecurity.com.tr\/en\/wp-json\/wp\/v2\/comments?post=139"}],"version-history":[{"count":24,"href":"https:\/\/sentrasecurity.com.tr\/en\/wp-json\/wp\/v2\/posts\/139\/revisions"}],"predecessor-version":[{"id":2464,"href":"https:\/\/sentrasecurity.com.tr\/en\/wp-json\/wp\/v2\/posts\/139\/revisions\/2464"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sentrasecurity.com.tr\/en\/wp-json\/wp\/v2\/media\/2425"}],"wp:attachment":[{"href":"https:\/\/sentrasecurity.com.tr\/en\/wp-json\/wp\/v2\/media?parent=139"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sentrasecurity.com.tr\/en\/wp-json\/wp\/v2\/categories?post=139"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sentrasecurity.com.tr\/en\/wp-json\/wp\/v2\/tags?post=139"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}