Ghost-Route - Ghost Route Detects If A Next JS Site Is Vulnerable To The Corrupt Middleware Bypass Bug (CVE-2025-29927)
文章介绍了一个用于检测Next.js网站是否存在中间件漏洞(CVE-2025-29927)的Python脚本Ghost-Route。该漏洞允许攻击者通过自定义头x-middleware-subrequest绕过认证访问受保护路径。支持Next.js 11.1.4及以上版本,并提供安装和使用指南。 2025-4-22 12:30:0 Author: www.kitploit.com(查看原文) 阅读量:13 收藏

A Python script to check Next.js sites for corrupt middleware vulnerability (CVE-2025-29927).

The corrupt middleware vulnerability allows an attacker to bypass authentication and access protected routes by send a custom header x-middleware-subrequest.

Next JS versions affected: - 11.1.4 and up

[!WARNING] This tool is for educational purposes only. Do not use it on websites or systems you do not own or have explicit permission to test. Unauthorized testing may be illegal and unethical.

Installation

Clone the repo

git clone https://github.com/takumade/ghost-route.git
cd ghost-route

Create and activate virtual environment

python -m venv .venv
source .venv/bin/activate

Install dependencies

pip install -r requirements.txt

Usage

python ghost-route.py <url> <path> <show_headers>
  • <url>: Base URL of the Next.js site (e.g., https://example.com)
  • <path>: Protected path to test (default: /admin)
  • <show_headers>: Show response headers (default: False)

Example

Basic Example

python ghost-route.py https://example.com /admin

Show Response Headers

python ghost-route.py https://example.com /admin True

License

MIT License

Credits

Ghost-Route - Ghost Route Detects If A Next JS Site Is Vulnerable To The Corrupt Middleware Bypass Bug (CVE-2025-29927) Ghost-Route - Ghost Route Detects If A Next JS Site Is Vulnerable To The Corrupt Middleware Bypass Bug (CVE-2025-29927) Reviewed by Zion3R on 8:30 AM Rating: 5


文章来源: http://www.kitploit.com/2025/04/ghost-route-ghost-route-detects-if-next.html
如有侵权请联系:admin#unsafe.sh