## https://sploitus.com/exploit?id=0170B478-825A-537C-8058-3184753AD577
# Test app to exploit CVE-2025-29927
The NextJS app has cookie based authentification and a middleware to prevent unauthorized access to /admin page.
To start the app run
```bash
yarn
# then
yarn dev
```
To get unauthorized access to /admin page by using CVE-2025-29927 vulnerability run a proxy-server which adds special headers to requests.
```bash
node scripts/proxy.js
```
Then go to http://localhost:8000/admin