mongo-gui icon indicating copy to clipboard operation
mongo-gui copied to clipboard

Published 20 hours ago verified publisher icon arunbandari

Unauthorized Access Vulnerability in Default Configuration

Open tzf1003 opened this issue 1 year ago • 0 comments

Hello @arunbandari

I have identified a security vulnerability in the default configuration of your mongo-gui project. It currently does not have password protection enabled by default. As a result, assets associated with this project can be found on platforms such as FOFA and ZoomEye through ico searches. This exposes users' databases to potential data breaches.

For the security of users, I kindly advise that you modify the default configuration to enable password protection.

Thank you for your attention to this matter.

Best Regards, tzf1003

tzf1003 avatar Aug 30 '23 13:08 tzf1003