CVE-2026-36182
9.8 CRITICALGNCC GP5 v7.1.76 was discovered to utilize a weak hashing algorithm to protect the root password, possibly allowing attackers to obtain r...
Published: 2026-06-04 · Last updated: 2026-06-08
Severity and scoring
- CVSS
- 9.8 CRITICAL
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- CWE
- CWE-328
Description
GNCC GP5 v7.1.76 was discovered to utilize a weak hashing algorithm to protect the root password, possibly allowing attackers to obtain root credentials and privileges via a bruteforce attack.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-36182
- [Other]http://gncc.com
- [Other]http://gp5.com
- [Other]https://github.com/BadChemical/IoT-Vulnerability-Research-Public/blob/main/GNCC-GP5-T23/README.md
- [Other]https://github.com/BadChemical/IoT-Vulnerability-Research-Public/blob/main/GNCC-GP5-T23/README.md
Related CVEs
Same CWE
- CVE-2026-48488 — phpMyFAQ is an open source FAQ web application
- CVE-2026-11481 — A vulnerability was determined in yoanbernabeu grepai up to 0.35.0 (2.5 LOW)
- CVE-2026-11479 — A vulnerability has been found in yoanbernabeu grepai 0.35.0 (4.2 MEDIUM)
- CVE-2026-11330 — A weakness has been identified in thedotmack claude-mem up to 11.0.1 (3.6 LOW)
- CVE-2026-11329 — A vulnerability has been found in onnx onnx-mlir up to 0.5.0.0 (3.6 LOW)