Nextjs v2.4.1 LFI CVE-2017-16877 Scanner

Details

Stay Up To Date

Follow @secforeveryone

Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

15

Nextjs v2.4.1 LFI CVE-2017-16877 Scanner Detail

In Next.js through 2.4.1, there is Local File Inclusion vulnerability.

ZEIT Next.js before 2.4.1 has directory traversal under the /_next and /static request namespace, allowing attackers to obtain sensitive information.

https://github.com/zeit/next.js/releases/tag/2.4.1

Some Advice for Common Problems

Keep your Next.js Up-to-Date.
In addition to code update processes, organizations should also deploy WAFs to help identify active attacks.

Need a Full Assessment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service