Adam Sobieraj

**Name of the Vulnerable Software and Affected Versions** NetBird VPN versions prior to 0.57.0 **Description** NetBird VPN, when installed using the vendor’s provided script, did not remove or change the default password of an admin account created by ZITADEL. This potentially allows for full remote takeover with zero user interaction. Instances created with Docker may also be affected if the default password was not changed or the user was not removed. **Recommendations** Update to version 0.57.0 or later.