Skip to content

Sensitive Data: Node-Red - Default Login

Identifier: nodered_default_login

Scanner(s) Support

GraphQL Scanner REST Scanner WebApp Scanner ASM Scanner

Description

Allows attacker to log in and execute RCE on the Node-Red panel using the default credentials.

Reference:

Configuration

Example

Example configuration:

---
security_tests:
  nodered_default_login:
    skip: false

Reference

skip

Type : boolean

Skip the test if true.