Skip to content

Sensitive Data: Nginx Proxy Manager - Default Login

Identifier: nginx_proxy_manager_default_login

Scanner(s) Support

GraphQL Scanner REST Scanner WebApp Scanner ASM Scanner

Description

Nginx Proxy Manager reverse proxy management interface may be accessible with default credentials, allowing unauthorized access to proxy configurations, SSL certificates, and administrative functions.

How we test: We attempt to authenticate to the Nginx Proxy Manager interface using common default username and password combinations. If authentication succeeds, we report the vulnerability.

Configuration

Example

Example configuration:

---
security_tests:
  nginx_proxy_manager_default_login:
    skip: false

Reference

skip

Type : boolean

Skip the test if true.