POC详情: b85611719ec71266ec36be6239294caadfab11f5

来源
https://github.com/amitlttwo/Next.JS-CVE-2025-29927
关联漏洞
标题: Next.js 安全漏洞 (CVE-2025-29927)
描述:Next.js是Vercel开源的一个 React 框架。 Next.js 14.2.25之前版本和15.2.3之前版本存在安全漏洞,该漏洞源于如果授权检查发生在中间件中,可能绕过授权检查。
介绍

# Next.js Vulnerability Scanner (CVE-2025-29927)

[![Go Report Card](https://goreportcard.com/badge/github.com/yourusername/nextjs-scanner)](https://goreportcard.com/report/github.com/yourusername/nextjs-scanner)
[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)

A security tool to detect and verify Next.js applications vulnerable to CVE-2025-29927 (Authentication Bypass).

## Features

- 🎯 Accurate Next.js detection with multiple verification methods
- 🔍 Precise version comparison to identify vulnerable instances
- 🛡️ Exploit verification with zero false positives
- 🚀 High-performance concurrent scanning
- 📊 Multiple output formats (console, file)

## Installation

### Binary Releases

Download pre-built binaries from the [Releases page](https://github.com/yourusername/nextjs-scanner/releases).

### From Source

1. Ensure you have Go 1.20+ installed
2. Clone the repository:
   ```
   git clone https://github.com/yourusername/nextjs-scanner.git
   cd nextjs-scanner
 
  ```
文件快照

 [4.0K]  /data/pocs/b85611719ec71266ec36be6239294caadfab11f5
├── [ 14K]  nextjs-scanner.go
└── [1.0K]  README.md

0 directories, 2 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。