CVE-2025-55740
MEDIUMAnipaleja nginx-defender < 1.5.0 - Use of Default Credentials
Title source: llmDescription
nginx-defender is a high-performance, enterprise-grade Web Application Firewall (WAF) and threat detection system engineered for modern web infrastructure. This is a configuration vulnerability affecting nginx-defender deployments. Example configuration files config.yaml and docker-compose.yml contain default credentials (default_password: "change_me_please", GF_SECURITY_ADMIN_PASSWORD=admin123). If users deploy nginx-defender without changing these defaults, attackers with network access could gain administrative control, bypassing security protections. The issue is addressed in v1.5.0 and later.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://github.com/Anipaleja/nginx-defender/security/advisories/GHSA-pr72-8fxw-xx22
Scores
CVSS v3
6.5
EPSS
0.0022
EPSS Percentile
12.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-1392
Status
published
Products (2)
Anipaleja/nginx-defender
0 - 1.5.0Go
Anipaleja/nginx-defender
< 1.5.0
Published
Aug 19, 2025
Tracked Since
Feb 18, 2026