Put a slash in front of the first { to escape it and cause it to be parsed like a normal character. eg:
REPLACE(c_Text, "\{1}":U, "&2")
This will work assuming that is literally what your REPLACE statement needs to look like, as opposed to the {1} expanding to some runtime value from the database.