# CVE-2025-29927 – Next.js Middleware Authorization Bypass
This repository contains a functional exploit for CVE-2025-29927, a critical authorization bypass vulnerability in Next.js. The flaw allows attackers to bypass middleware-based authentication and authorization checks, granting unauthorized access to protected routes.
## Description
CVE-2025-29927 is a critical vulnerability in Next.js middleware that allows attackers to bypass authentication and authorization checks by sending a specially crafted HTTP request containing the internal header x-middleware-subrequest. This header is intended or internal use to prevent infinite recursion during middleware execution. However, its improper handling allows attackers to exploit this mechanism to skip middleware checks, potentially exposing sensitive administrative routes and protected content.
The vulnerability affects Next.js versions prior to:
- 15.2.3
- 14.2.25
- 13.5.9
- 12.3.5
Applications using middleware for critical tasks, such as authentication or security checks, and running on affected versions are vulnerable to this exploit. Notably, deployments hosted on Vercel are automatically protected against this vulnerability.
## Installation Instructions
1. Create a Virtual Environment (Optional but Recommended):
```bash
python3 -m venv .venv
source .venv/bin/activate
```
2. Install Dependencies:
```bash
pip install -r requirements.txt
```
## Requirements
- Python 3.7+
- requests library
- colorama library
- beautifulsoup4 library
- Vulnerable Next.js application with middleware-based access control
## Usage
```bash
python3 exploit.py --host <IP> --port <PORT> --path <PATH> --method <METHOD>
```
[4.0K] /data/pocs/f52b7f6cbd86477dff59ebacf78030f820d760d0
├── [4.7K] exploit.py
├── [1.7K] README.md
└── [ 55] requirements.txt
0 directories, 3 files