{"vulnerability": "cve-2024-34351", "sightings": [{"uuid": "e938c068-daae-4708-abb7-e97d977f63ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-34351", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8331", "content": "GitHub monitoring alert!!! \n\nUpdated: CVE-2024\nDescription: PoC for a full exploitation of NextJS SSRF (CVE-2024-34351) \nURL: https://github.com/God4n/nextjs-CVE-2024-34351-_exploit\n\nTags: #CVE-2024", "creation_timestamp": "2024-08-22T19:26:38.000000Z"}, {"uuid": "3e093856-26b4-4370-9d70-cccedc688f10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-34351", "type": "seen", "source": "https://gist.github.com/tuannguyenx2024/8e367a0089f96d8a24996b10f608c5b3", "content": "", "creation_timestamp": "2026-02-10T16:39:07.000000Z"}, {"uuid": "1d575d51-31e4-4333-964e-4828f5ab0187", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-34351", "type": "seen", "source": "https://gist.github.com/parameciumzhang/6f62cee5cf4bf3d4531636d086d5418e", "content": "", "creation_timestamp": "2025-12-12T03:37:29.000000Z"}, {"uuid": "2f80159d-ccc9-46e3-b1c3-769f29ba710a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-34351", "type": "published-proof-of-concept", "source": "https://t.me/poxek/4009", "content": "\ud83d\udea8Alert\ud83d\udea8CVE-2024-34351:Next.js Server-Side Request Forgery in Server Actions\n\ud83d\udd25PoC: https://www.assetnote.io/resources/research/digging-for-ssrf-in-nextjs-apps#/ \n\u26a0A SSRF vulnerability was identified in Next.js Server Actions by 
security researchers at Assetnote. If the Host header is modified, and the below conditions are also met, an attacker may be able to make requests that appear to be originating from the Next.js application server itself.\n\ud83d\udcca3.1M+ Services are found on  hunter.how\n\ud83d\udd17Hunter Link: https://hunter.how/list?searchValue=product.name%3D%22Next.js%22 \n\ud83d\udcf0Refer: https://github.com/advisories/GHSA-fr5h-rqp8-mj6g \nHunter:/product.name=\"Next.js\"\nFOFA:app=\"Next.js\"\nSHODAN:http.component:\"Next.js\"\n#NextJS #SSRF #Vulnerability", "creation_timestamp": "2024-05-10T12:02:39.000000Z"}, {"uuid": "7584da72-0410-4f89-83e5-99187d10db2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-34351", "type": "published-proof-of-concept", "source": "https://t.me/hackingbra/126", "content": "\ud83d\udea8Alert\ud83d\udea8CVE-2024-34351:Next.js Server-Side Request Forgery in Server Actions\n\ud83d\udd25PoC: https://www.assetnote.io/resources/research/digging-for-ssrf-in-nextjs-apps#/ \n\u26a0A SSRF vulnerability was identified in Next.js Server Actions by security researchers at Assetnote. 
If the Host header is modified, and the below conditions are also met, an attacker may be able to make requests that appear to be originating from the Next.js application server itself.\n\ud83d\udcca3.1M+ Services are found on  hunter.how\n\ud83d\udd17Hunter Link: https://hunter.how/list?searchValue=product.name%3D%22Next.js%22 \n\ud83d\udcf0Refer: https://github.com/advisories/GHSA-fr5h-rqp8-mj6g \nHunter:/product.name=\"Next.js\"\nFOFA:app=\"Next.js\"\nSHODAN:http.component:\"Next.js\"", "creation_timestamp": "2024-05-10T12:42:38.000000Z"}, {"uuid": "0a0ef3e2-90e0-4c06-9caf-354a647f53e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-34351", "type": "seen", "source": "https://t.me/cyberbannews_ir/11846", "content": "\ud83e\ude99 Request Smuggling and SSRF vulnerabilities discovered in Next.js\n\n\ud83d\udd39Two vulnerabilities with the identifiers CVE-2024-34350 and CVE-2024-34351 and high severity have been discovered in some versions of Next.js, relating to Response queue poisoning and SSRF.\nThe Response queue poisoning vulnerability arises from inconsistent interpretation of HTTP requests, which are sometimes interpreted as 
one request and sometimes as two separate requests. The SSRF vulnerability is caused by the use of a vulnerable component in Next.js that is enabled by default.\n\n\ud83d\udd18 Full report \n\n#\u0622\u0633\u06cc\u0628_\u067e\u0630\u06cc\u0631\u06cc\n\n\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\ud83d\udd38\n\ud83e\udda0 @cyberbannews_ir", "creation_timestamp": "2024-05-13T08:31:07.000000Z"}, {"uuid": "4ebc7eb4-2be8-49b3-986d-9208467ddb81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-34351", "type": "seen", "source": "https://t.me/MrVGunz/1105", "content": "CVE-2024-34351:Next.js Server-Side Request Forgery in Server Actions\n\nA SSRF vulnerability was identified in Next.js Server Actions by security researchers at Assetnote. 
If the Host header is modified, and the below conditions are also met, an attacker may be able to make requests that appear to be originating from the Next.js application server itself.\n\n\ud83c\udfaf Poc\n\ud83d\udcda Refer\n\n\ud83d\udd39\ufe0f @hack_authenticator", "creation_timestamp": "2024-05-12T15:41:34.000000Z"}, {"uuid": "92d10bc8-bd29-4371-b42e-3b2676b69b95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-34351", "type": "seen", "source": "https://t.me/HackingInsights/286", "content": "\u200aCVE-2024-34350 & CVE-2024-34351: Two Vulnerabilities Patched in Popular Next.js Framework\n\nhttps://securityonline.info/cve-2024-34350-cve-2024-34351-two-vulnerabilities-patched-in-popular-next-js-framework/", "creation_timestamp": "2024-05-11T10:13:49.000000Z"}, {"uuid": "88ed1403-a5d1-44be-a065-4f31e8d55b8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-34351", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2494", "content": "https://www.assetnote.io/resources/research/digging-for-ssrf-in-nextjs-apps\n\nCVE-2024-34351\n#\u5206\u6790 #poc", "creation_timestamp": "2024-05-15T21:48:21.000000Z"}, {"uuid": "26a87997-29fb-4c47-a004-a25bcfcaba0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-34351", "type": "published-proof-of-concept", "source": "https://t.me/brutsecurity/356", "content": "\ud83d\udea8CVE-2024-34351:Next.js SSRF in Server Actions\ud83d\udea8 \n \n\ud83d\udce2 Security researchers at Assetnote have identified a SSRF vulnerability in Next.js Server Actions. 
If the Host header is modified, and certain conditions are met, an attacker may be able to make requests that appear to be originating from the Next.js application server itself.  \n \n\ud83d\udcddDorks--->  \nHunter:/product.name=\"Next.js\" \nFOFA:app=\"Next.js\" \nSHODAN:http.component:\"Next.js\" \n \n\ud83d\udd17PoC: https://lnkd.in/gKbjiHVY \n \n\u26a0Stay vigilant and take necessary precautions to protect your applications.", "creation_timestamp": "2024-05-10T20:28:15.000000Z"}]}