webPromedium

Lab 372 — PipelineIQ — Next.js Middleware Authorization Bypass

hackadvisor

Task: PipelineIQ sales platform with Next.js middleware-based admin authorization. Solution: Bypass middleware using CVE-2025-29927 x-middleware-subrequest header to access admin secrets endpoint.

header_injection authorization_bypass nextjs middleware_bypass cve_2025_29927 app_router

header_injectionauthorization_bypassnextjs_middleware_subrequest_bypassmiddleware_recursion_exploit

$ ls tags/ techniques/

header_injection authorization_bypass nextjs middleware_bypass cve_2025_29927 app_router

header_injectionauthorization_bypassnextjs_middleware_subrequest_bypassmiddleware_recursion_exploit

Analysis

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

$ python3 exploit.py --target 192.168.1.1 --port 8080
[*] Connecting to target...
[+] Shell obtained!

Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Permission denied (requires tier.pro)

Sign in to access full writeups

$sign in

$ cat writeup.md…

Sign in to access full writeups

Sign in to access full writeups

Similar writeups