A critical vulnerability, CVE-2025-29927, has been identified in Next.js, a React-based web framework by Vercel. This flaw allows attackers to bypass middleware-based authorization checks by exploiting the x-middleware-subrequest
header.
Middleware in Next.js is widely used for tasks such as path rewriting, server-side redirects, security headers (e.g., CSP), and access control.
The vulnerability affects versions 11.1.4 through 13.5.6, 14.x before 14.2.25, and 15.x before 15.2.3.
The issue stems from a design flaw in how Next.js processes the x-middleware-subrequest
header, originally intended for internal use to prevent infinite middleware loops.
If this header contains a specific value matching the middleware’s name, the middleware execution is skipped entirely.
Attackers can exploit this by crafting requests with the appropriate header value to bypass all middleware protections.
Attackers can send an HTTP request with the following header to bypass middleware:
textGET /dashboard/admin HTTP/1.1
Host: example.com
X-Middleware-Subrequest: middleware:middleware:middleware:middleware:middleware
This grants unauthorized access to protected resources by skipping authentication and authorization checks.
The vulnerability poses severe risks:
Vercel has released patches:
x-middleware-subrequest
header at the server or load balancer level.Workarounds include:
A Nuclei detection template has been developed to identify vulnerable systems by checking for bypass scenarios using crafted headers.
CVE-2025-29927 highlights how minor implementation flaws can lead to significant security breaches. Organizations using self-hosted Next.js must urgently patch their systems or implement mitigations to avoid exploitation.
The cp command, short for "copy," is the main Linux utility for duplicating files and directories. Whether…
Introduction In digital investigations, images often hold more information than meets the eye. With the…
The cat command short for concatenate, It is a fast and versatile tool for viewing and merging…
What is a Port? A port in networking acts like a gateway that directs data…
The ls command is fundamental for anyone working with Linux. It’s used to display the files and…
The pwd (Print Working Directory) command is essential for navigating the Linux filesystem. It instantly shows your…