CVE-2026-44611
5.4 MEDIUMDanelec MacGregor Voyage Data Recorder passwords are stored with a hashing method which limits password length and is susceptible to brut...
Published: 2026-05-29 · Last updated: 2026-06-04
Severity and scoring
- CVSS
- 5.4 MEDIUM
- Vector
- CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N
- CWE
- CWE-916
Affected products
| Vendor | Product |
|---|---|
| macgregor | interschalt_vdr_g4e_firmware |
Description
Danelec MacGregor Voyage Data Recorder passwords are stored with a hashing method which limits password length and is susceptible to brute force attacks.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2026-42951 — An authenticated user can download a backup of the Danelec MacGregor Voyage Data Recorder device which includes account data and passwo... (5.4 MEDIUM)
- CVE-2026-42941 — The Danelec MacGregor Voyage Data Recorder device includes a default username and password, with no enforced password change (8.3 HIGH)
- CVE-2026-42929 — Danelec MacGregor Voyage Data Recorder includes default accounts with hard-coded credentials (8.3 HIGH)
- CVE-2026-40425 — The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to auth... (5.7 MEDIUM)
Same CWE
- CVE-2026-25861 — QloApps through 1.7.0, fixed in commit 64e9722, contains a weak cryptographic algorithm vulnerability that allows attackers to compromise... (5.9 MEDIUM)
- CVE-2026-45787 — electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client (9.1 CRITICAL)
- CVE-2026-45027 — WeGIA is a web manager for charitable institutions (5.9 MEDIUM)