d3mondev (@d3mondev) Bsky

Doing the Due Diligence: Analyzing the Next.js Middleware Bypass (CVE-2025-29927) › Searchlight Cyber This critical vulnerability allowed attackers to bypass authentication implemented in the middleware layer. With the popularity of this framework on the internet and within our customers' attack surfa...

This is actually a more thorough explanation and PoC to build into your scanners

slcyber.io/assetnote-se...

1 year ago 0 0 0 0

Next.js Middleware Exploit: Deep Dive into CVE-2025-29927 Authorization Bypass - ZeroPath Blog Explore the critical CVE-2025-29927 vulnerability in Next.js middleware, enabling attackers to bypass authorization checks and gain unauthorized access.

zeropath.com/blog/nextjs-...

1 year ago 1 0 1 0

AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA!!!

Sorry, just me yelling at WAFs.

1 year ago 0 0 0 0

2 years ago 2 0 0 0

Posts by d3mondev