CVE-2025-55740: Default Credentials in nginx-defender Configuration Files
This is a configuration vulnerability affecting nginx-defender deployments. The example configuration files (config.yaml, docker-compose.yml) contain default credentials (default_password: "change_me_please", GF_SECURITY_ADMIN_PASSWORD=admin123). If users deploy nginx-defender without changing these defaults, attackers with network access could gain administrative control, bypassing security protections.
Who is impacted? All users who deploy nginx-defender with default credentials and expose the admin interface to untrusted networks.
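A pre-deployment check for the two default values named above, as an added example that is not part of the advisory or of the nginx-defender project. The function name, the YAML layout around the two credential lines and the replacement password are assumptions made for illustration.

```python
import re
import sys
from pathlib import Path

# Default values quoted in the advisory text.
SHIPPED_DEFAULTS = {
    "default_password": "change_me_please",
    "GF_SECURITY_ADMIN_PASSWORD": "admin123",
}

# Accepts `key: value`, `key=value` and compose list items (`- key=value`),
# with or without quotes around the key or the value.
SETTING_RE = re.compile(
    r"""^\s*(?:-\s*)?["']?(?P<key>[A-Za-z_][A-Za-z0-9_]*)["']?\s*[:=]\s*["']?(?P<val>[^"'#\s]*)"""
)

def find_default_credentials(text, source="<input>"):
    """Return (source, line_no, key) for every setting left at its shipped default."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue  # commented-out settings are inactive
        m = SETTING_RE.match(line)
        if m and SHIPPED_DEFAULTS.get(m.group("key")) == m.group("val"):
            findings.append((source, line_no, m.group("key")))
    return findings

# Constructed sample files: only the two credential lines come from the
# advisory; the surrounding keys are assumed for illustration.
SAMPLE_CONFIG = 'auth:\n  default_password: "change_me_please"\n'
SAMPLE_COMPOSE = (
    "services:\n"
    "  grafana:\n"
    "    environment:\n"
    "      - GF_SECURITY_ADMIN_PASSWORD=admin123\n"
)
SAMPLE_FIXED = 'auth:\n  default_password: "set-by-operator-7Qx"\n'

if __name__ == "__main__":
    # With file arguments, scan them; with none, scan the constructed samples.
    inputs = [(p, Path(p).read_text(encoding="utf-8")) for p in sys.argv[1:]] or [
        ("config.yaml", SAMPLE_CONFIG), ("docker-compose.yml", SAMPLE_COMPOSE)]
    hits = [h for name, text in inputs for h in find_default_credentials(text, name)]
    for source, line_no, key in hits:
        print(f"{source}:{line_no}: {key} is still the shipped default")
    sys.exit(1 if hits else 0)
```

Run with the deployment's config.yaml and docker-compose.yml as arguments in CI or a pre-start hook; a non-zero exit status means a shipped default is still active.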