PoC details: 886f20a8455e3ce2ddf90eb50db7f24dabd93156

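Source
Related vulnerability
Title: Next.js security vulnerability (CVE-2025-29927)
Description: Next.js is an open-source React framework from Vercel. Next.js versions before 14.2.25 and before 15.2.3 contain a security vulnerability: if authorization checks take place in middleware, they can be bypassed.
Description
A Nuclei template to detect CVE-2025-29927, the Next.js authentication bypass vulnerability
Introduction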
# nextjs-CVE-2025-29927
A Nuclei template to detect CVE-2025-29927, the Next.js authentication bypass vulnerability. If you want to understand exactly how this vulnerability works, you can read the original researchers' excellent article [here](https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware).

This template is pretty straightforward. It does two things: first, it identifies that a website is using Next.js, and then it tests whether the target is utilizing middleware. The template reports a match when both conditions are visible in the HTTP response headers. However, it's important to note that a positive match for both does NOT mean that the application is definitely vulnerable. This template does not pass `x-middleware-subrequest: true` to test if the application is attackable.
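
An added example (not part of the original README or the template) showing how a header match like the one described above can be triaged against the deployed `next` version before calling a host vulnerable. The header names are assumptions, the version thresholds are the ones in the description on this page, and the sample responses are constructed.

```python
import re

# Assumed header names for this example; the page does not list what its template matches.
MIDDLEWARE_HEADERS = ("x-middleware-rewrite", "x-middleware-next", "x-middleware-redirect")
# First fixed release per branch, as given in the description on this page.
FIXED = {14: (14, 2, 25), 15: (15, 2, 3)}


def header_evidence(headers):
    """Return (is_nextjs, middleware_headers_seen) for one response's headers."""
    h = {k.lower(): v for k, v in headers.items()}
    is_next = "next.js" in h.get("x-powered-by", "").lower()
    return is_next, [name for name in MIDDLEWARE_HEADERS if name in h]


def version_status(version):
    """Classify an installed `next` version as patched, affected or unknown."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", (version or "").strip())
    if not m:
        return "unknown"  # missing, pre-release or non-semver string
    parts = tuple(int(x) for x in m.groups())
    fixed = FIXED.get(parts[0])
    if fixed is None:
        return "unknown"  # branch not covered by the page's description
    return "patched" if parts >= fixed else "affected"


def triage(headers, version=None):
    """Combine header evidence with the deployed version into one verdict."""
    is_next, seen = header_evidence(headers)
    if not is_next:
        return "no-nextjs-fingerprint"  # header can be disabled; not proof of absence
    if not seen:
        return "nextjs-no-middleware-seen"
    return {"patched": "patched", "affected": "upgrade",
            "unknown": "check-version"}[version_status(version)]


if __name__ == "__main__":
    # Constructed sample responses, not captured from a real host.
    samples = [
        ({"X-Powered-By": "Next.js", "x-middleware-rewrite": "/login"}, "15.2.2"),
        ({"X-Powered-By": "Next.js", "x-middleware-rewrite": "/login"}, "14.2.25"),
        ({"X-Powered-By": "Next.js"}, None),
        ({"Server": "nginx"}, None),
    ]
    for hdrs, ver in samples:
        print(ver, "->", triage(hdrs, ver))
```

The version passed to `triage` would come from the application's own lockfile or build metadata; a header match without a known version yields `check-version` rather than a vulnerability claim.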

## Install Nuclei
If you haven't used Nuclei before you can follow the instructions here: https://github.com/projectdiscovery/nuclei

## Using the nextjs-CVE-2025-29927 Nuclei template

```sh
nuclei -u https://example.com -t ./CVE-2025-29927-6mile.yaml -fr
```

![nextjs-CVE-2025-29927-pic](nextjs-CVE-2025-29927-pic.png)
![nextjs-CVE-2025-29927-pic2](nextjs-CVE-2025-29927-pic2.png)
File snapshot

```
[4.0K] /data/pocs/886f20a8455e3ce2ddf90eb50db7f24dabd93156
├── [1.5K] CVE-2025-29927-6mile.yaml
├── [264K] nextjs-CVE-2025-29927-pic2.png
├── [405K] nextjs-CVE-2025-29927-pic.png
└── [1.2K] README.md

0 directories, 4 files
```