A critical vulnerability identified as CVE-2025-29927 has been discovered in Next.js, a widely-used web framework. This flaw enables attackers to bypass middleware-based authorization, posing significant security risks for applications built on Next.js, including e-commerce sites and SaaS platforms. Developers are urged to upgrade to the latest versions to prevent unauthorized access. Affected: Next.js applications, e-commerce platforms, news websites, SaaS applications, internal tools
Keypoints :
- The vulnerability CVE-2025-29927 affects Next.js, allowing bypassing of middleware authorization.
- Exploiting the vulnerability is simple through the addition of an HTTP header: ‘x-middleware-subrequest: middleware’.
- Next.js versions before 14.2.25 and 15.2.3 are vulnerable and need immediate upgrades.
- Attackers can exploit this vulnerability using tools like Curl and Burp Suite.
- Detection methods include monitoring logs for suspicious requests and using intrusion detection systems (IDS) like Snort and Zeek.
- Mitigation steps involve upgrading Next.js to patched versions, blocking malicious headers at the web server level, and implementing additional security measures at the route level.
- Developers and administrators are encouraged to proactively secure their applications against unauthorized access.
Full Story: https://infosecwriteups.com/next-js-cve-2025-29927-tryhackme-writeup-68d5cc6859a3?source=rss—-7b722bfd1b8d—4