
Theori said on Jan. 9 that, in response to CVE-2025-55182, the so-called React2Shell flaw that has recently shaken the web development ecosystem, it has released "ReactGuard," a web-based tool that can quickly check servers for the vulnerability.

ReactGuard is built on Xint, Theori's artificial intelligence (AI)-based application security assessment solution, and automates complex analysis processes so that exposure can be identified quickly in real-world service environments.

The React2Shell vulnerability is a serious security threat that allows unauthenticated remote arbitrary code execution because of a design issue in the React Server Components (RSC) Flight protocol. Because it can be exploited even with default settings, the security industry is assessing it as a risk on par with the Log4j incident.

When the URL of a running service is entered, ReactGuard automatically detects whether vulnerable Flight endpoints are exposed. It uses a non-destructive diagnostic method and can be used immediately on the web without installation. A dedicated solution is also provided for internal networks that are difficult to expose externally.

Park Se-jun, CEO of Theori, said, "ReactGuard is designed to quickly determine risk even without complex technical knowledge," and added, "Since we released it early after multiple internal verifications and tests, we hope it helps many organizations respond proactively."

※ This article has been translated by AI.