d3mondev's Avatar

d3mondev

@d3mondev

๐Ÿ‘จโ€๐Ÿ’ป Hacker & Coder ๐ŸŒŽ Author of Puredns ๐ŸŽฎ Former Gamedev & Tech Exec ๐Ÿ’ฅ Let's break stuff together! I tweet about hacking, bug bounty and programming.

15
Followers 7
Following 4
Posts 30.11.2023
Joined
Posts Following

Latest posts by d3mondev @d3mondev

Preview
Doing the Due Diligence: Analyzing the Next.js Middleware Bypass (CVE-2025-29927) โ€บ Searchlight Cyber This critical vulnerability allowed attackers to bypass authentication implemented in the middleware layer. With the popularity of this framework on the internet and within our customers' attack surfa...

This is actually a more thorough explanation and PoC to build into your scanners

slcyber.io/assetnote-se...

24.03.2025 11:13 ๐Ÿ‘ 0 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0
Next.js Middleware Exploit: Deep Dive into CVE-2025-29927 Authorization Bypass - ZeroPath Blog Explore the critical CVE-2025-29927 vulnerability in Next.js middleware, enabling attackers to bypass authorization checks and gain unauthorized access.

zeropath.com/blog/nextjs-...

22.03.2025 18:32 ๐Ÿ‘ 1 ๐Ÿ” 0 ๐Ÿ’ฌ 1 ๐Ÿ“Œ 0

AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA!!!

Sorry, just me yelling at WAFs.

18.03.2025 18:54 ๐Ÿ‘ 0 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

<img src=1 onerror=alert(1)>

30.11.2023 18:42 ๐Ÿ‘ 2 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0