Skip to content

Cyber Learnings

My journey through the infosec domain

Home

Tag: CVE-2025-29927

Defhawk CTF Writeup – NextJS Middleware Bypass

In this article, I will walk you through a CTF that simulates the NextJS middleware bypass vulnerability described in CVE-2025-29927. I will also discuss a simple Python POC that Google Gemini wrote for me. This helped me understand the vulnerability and find the flag. CTF Description https://defhawk.com/battleground/raid/appliedoffsecandwebsecurity/fakeestate The CTF link provides the following description: “You…

raghavan

April 14, 2026

ctf, ethical hacking, javascript

crac, ctf, cve, CVE-2025-29927, defhawk, python, writeup

Blog at WordPress.com.

Subscribe Subscribed
- Cyber Learnings
- Already have a WordPress.com account? Log in now.