Unknown · Nginx-Defender · CVE-2025-55740
Name of the Vulnerable Software and Affected Versions:
nginx-defender versions prior to 1.5.0
Description:
nginx-defender deployments are susceptible to a configuration issue due to the presence of default credentials in example configuration files, such as `config.yaml` and `docker-compose.yml`. These default credentials include `default_password: "change_me_please"` and `GF_SECURITY_ADMIN_PASSWORD=admin123`. If these defaults are not changed during deployment, attackers with network access could gain administrative control, potentially bypassing security protections.
Recommendations:
Update to version 1.5.0 or later.
Change the default credentials in `config.yaml` and `docker-compose.yml` immediately. Specifically, update `default_password` and `GF_SECURITY_ADMIN_PASSWORD`.
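
A pre-deployment check for the two defaults named above, as an added example that is not part of the advisory or the nginx-defender project. The sample compose content is constructed, and the line-based parsing assumes simple `key: value` and `KEY=value` entries rather than full YAML.

```python
import re
import sys

# Default values named in the advisory for CVE-2025-55740.
KNOWN_DEFAULTS = {
    "default_password": "change_me_please",
    "GF_SECURITY_ADMIN_PASSWORD": "admin123",
}

# Matches `key: value` (YAML mapping) and `- KEY=value` (compose environment list).
ASSIGNMENT = re.compile(
    r"""^\s*(?:-\s*)?["']?(?P<key>[A-Za-z_]\w*)["']?\s*[:=]\s*(?P<value>.*?)\s*$"""
)

# Constructed sample input; the real example files may be laid out differently.
SAMPLE_COMPOSE = """\
services:
  grafana:
    environment:
      - GF_SECURITY_ADMIN_PASSWORD=admin123
      # - GF_SECURITY_ADMIN_PASSWORD=admin123
"""


def find_default_credentials(text):
    """Return (line_number, key) for every setting still at its shipped default."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        code = line.split(" #", 1)[0]  # drop trailing and indented comments
        match = ASSIGNMENT.match(code)
        if not match:
            continue
        key, value = match.group("key"), match.group("value").strip("\"'")
        # Compose interpolation such as ${VAR:-admin123} still falls back to the default.
        fallback = re.fullmatch(r"\$\{\w+:?-(.*)\}", value)
        if fallback:
            value = fallback.group(1)
        if KNOWN_DEFAULTS.get(key) == value:
            findings.append((number, key))
    return findings


if __name__ == "__main__":
    status = 0
    for path in sys.argv[1:]:
        with open(path, encoding="utf-8") as handle:
            for number, key in find_default_credentials(handle.read()):
                print(f"{path}:{number}: {key} is still set to its shipped default")
                status = 1
    sys.exit(status)
```

Pass the deployment's configuration files as arguments; a non-zero exit status means at least one shipped default is still in place.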