6.5 CVE-2025-55740
nginx-defender is a high-performance, enterprise-grade Web Application Firewall (WAF) and threat detection system engineered for modern web infrastructure. This is a configuration vulnerability affecting nginx-defender deployments. Example configuration files
config.yaml and docker-compose.yml contain default credentials (default_password: "change_me_please", GF_SECURITY_ADMIN_PASSWORD=admin123). If users deploy nginx-defender without changing these defaults, attackers with network access could gain administrative control, bypassing security protections. The issue is addressed in v1.5.0 and later.
https://nvd.nist.gov/vuln/detail/CVE-2025-55740
Categories
CWE-1392 : Use of Default Credentials
It is common practice for products to be designed to usedefault keys, passwords, or other mechanisms forauthentication. The rationale is to simplify themanufacturing process or the system administrator's task ofinstallation and deployment into an enterprise. However, ifadmins do not change the defaults, it is easier for attackersto bypass authentication quickly across multipleorganizations.
References
security-advisories@github.com
AFFECTED (from MITRE)
| Vendor |
Product |
Versions |
| Anipaleja |
nginx-defender |
|
| © 2022 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation. |
CPE
REMEDIATION
EXPLOITS
Exploit-db.com
| id |
description |
date |
|
| No known exploits |
POC Github
Other Nist (github, ...)
CAPEC
Common Attack Pattern Enumerations and Classifications
| id |
description |
severity |
| No entry |
Cybersecurity needs ?
Strengthen software security from the outset with our DevSecOps expertise
Integrate security right from the start of the software development cycle for more robust applications and greater customer confidence.
Our team of DevSecOps experts can help you secure your APIs, data pipelines, CI/CD chains, Docker containers and Kubernetes deployments.
Discover this offer
