c.im is one of the many independent Mastodon servers you can use to participate in the fediverse.
C.IM is a general, mainly English-speaking Mastodon instance.

#cve_2025_29927

The Threat Codex<p>Next.js and the corrupt middleware: the authorizing artifact<br><a href="https://infosec.exchange/tags/CVE_2025_29927" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE_2025_29927</span></a> <br><a href="https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">zhero-web-sec.github.io/resear</span><span class="invisible">ch-and-things/nextjs-and-the-corrupt-middleware</span></a></p>
Konstantin :C_H:<p>With <a href="https://infosec.exchange/tags/CVE_2025_29927" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE_2025_29927</span></a>, Next.js has now suffered its second major vulnerability in just three months, following <a href="https://infosec.exchange/tags/CVE_2024_51479" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE_2024_51479</span></a>.</p><p>I originally built CVE Crowd with <a href="https://infosec.exchange/tags/NextJS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NextJS</span></a>.</p><p>However, as the application became more complex (especially with authentication), I decided to switch to a framework I was more familiar with.</p><p>Honestly, I’m feeling a bit relieved about that right now...</p><p><a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Pentesting</span></a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppSec</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/BugBounty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BugBounty</span></a> <a href="https://infosec.exchange/tags/Hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Hacking</span></a> <a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a> <a href="https://infosec.exchange/tags/CVECrowd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVECrowd</span></a></p>
:mastodon: decio<p>⚠️ A critical flaw in <strong>Next.js</strong> allows the authorization checks performed in the middleware to be bypassed.<br><br>👉 A very popular React framework for server-side web rendering.</p><p>🔍 <strong>Technical details</strong><br><br>By injecting the <code>x-middleware-subrequest</code> header, an attacker can <strong>bypass access controls</strong> and reach resources that are normally protected. </p><p>💥 Exploit documented here <br>⬇️ <br>"Next.js and the corrupt middleware: the authorizing artifact"<br>👇 <br><a href="https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">zhero-web-sec.github.io/resear</span><span class="invisible">ch-and-things/nextjs-and-the-corrupt-middleware</span></a></p><p>🛡️ <strong>Vulnerable versions</strong> </p><ul><li>15.x &lt; 15.2.3<br></li><li>14.x &lt; 14.2.25<br></li><li>11.1.4 → 13.5.6</li></ul><p>🔧 <strong>Fixes</strong><br><br>✔️ Update to <strong>15.2.3</strong> or <strong>14.2.25</strong><br><br>👇 <br><a href="https://nextjs.org/blog/cve-2025-29927" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">nextjs.org/blog/cve-2025-29927</span><span class="invisible"></span></a><br>⬇️ <br><a href="https://github.com/advisories/GHSA-f82v-jwr5-mffw" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/advisories/GHSA-f82</span><span class="invisible">v-jwr5-mffw</span></a></p><p>✔️ In the meantime: <strong>block requests</strong> containing <code>x-middleware-subrequest</code> at the server / WAF</p><p>🛰️ And indeed, according to the ONYPHE attack-surface search engine,<br><br>there are a lot of them... including in Switzerland 🇨🇭 </p><p><a href="https://infosec.exchange/tags/CyberVeille" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberVeille</span></a> <a href="https://infosec.exchange/tags/NextJS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NextJS</span></a> <a href="https://infosec.exchange/tags/CVE_2025_29927" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE_2025_29927</span></a> <a href="https://infosec.exchange/tags/websec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>websec</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/onyphe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>onyphe</span></a> <a href="https://infosec.exchange/tags/ASD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ASD</span></a></p>
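The bypass and the interim mitigation from the post above, modelled as an added example that is not Next.js code and not from any of the posters. It is a deliberately simplified model: it assumes a router that trusts any request carrying <code>x-middleware-subrequest</code> as an internal sub-request and skips the authorization middleware for it (the header values the real runtime honours are not reproduced), and it assumes header names have already been lowercased the way Node's HTTP parser does. The hardened path shows the reverse-proxy / WAF role the post recommends: strip the header from every external request, or reject the request outright.

```javascript
// Added example: a minimal model of a middleware-gated route, the header-based
// bypass, and a perimeter filter. ASSUMPTION: the real Next.js skip logic is
// not reproduced; any request carrying the header is treated as internal here.
const BYPASS_HEADER = "x-middleware-subrequest";

// Constructed session store for the demo: one valid session token.
const VALID_SESSIONS = new Set(["sess-42"]);

// Authorization middleware: returns null to continue, or a response to stop.
function authMiddleware(req) {
  const cookie = req.headers["cookie"] || "";
  const m = /(?:^|;\s*)session=([^;]+)/.exec(cookie);
  if (m && VALID_SESSIONS.has(m[1])) return null;
  return { status: 401, body: "unauthorized" };
}

function protectedHandler() {
  return { status: 200, body: "admin dashboard" };
}

// Vulnerable routing model: a request that looks like a middleware sub-request
// never reaches authMiddleware, so the header alone opens the protected route.
// Assumes lowercased header names, as Node's http module provides.
function vulnerableRoute(req) {
  if (req.path.startsWith("/admin")) {
    const isSubrequest = req.headers[BYPASS_HEADER] !== undefined;
    if (!isSubrequest) {
      const denied = authMiddleware(req);
      if (denied) return denied;
    }
    return protectedHandler();
  }
  return { status: 404, body: "not found" };
}

// Perimeter filter (reverse proxy / WAF role): the header is internal-only,
// so a copy arriving from the network is either dropped or, with reject=true,
// turned into a 400 before the request reaches the application.
function sanitizeExternalRequest(req, { reject = false } = {}) {
  const headers = {};
  for (const [k, v] of Object.entries(req.headers)) headers[k.toLowerCase()] = v;
  if (BYPASS_HEADER in headers) {
    if (reject) return { blocked: { status: 400, body: "forbidden header" } };
    delete headers[BYPASS_HEADER];
  }
  return { req: { ...req, headers } };
}

function hardenedRoute(req, opts) {
  const { blocked, req: clean } = sanitizeExternalRequest(req, opts);
  return blocked || vulnerableRoute(clean);
}

// Constructed sample requests.
const anon = { path: "/admin", headers: {} };
const forged = { path: "/admin", headers: { [BYPASS_HEADER]: "middleware" } };
const loggedIn = { path: "/admin", headers: { cookie: "session=sess-42" } };

console.log("vulnerable, anonymous:", vulnerableRoute(anon).status);
console.log("vulnerable, forged header:", vulnerableRoute(forged).status);
console.log("hardened, forged header (strip):", hardenedRoute(forged).status);
console.log("hardened, forged header (reject):", hardenedRoute(forged, { reject: true }).status);
console.log("hardened, valid session:", hardenedRoute(loggedIn).status);
```

Stripping keeps legitimate clients working and leaves the application unaware of the filter; rejecting is noisier but gives the SOC a clean signal, since no browser sends this header on its own. Either way the filter is a stopgap: the fix is the patched version, because anything that reaches the application by a path the proxy does not cover (a second ingress, a direct port) still carries the header through.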