Lucene search
K

898 matches found

OSV
OSV
added 4 days ago4 views

PYSEC-2026-2003 vantage6 has insecure SSH configuration for node and server containers

Impact Nodes and servers get a ssh config by default that permits root login with password authentication. In a proper deployment, the SSH service is not exposed so there is no risk, but not all deployments are ideal. The default should therefore be less permissive. We will probably opt to...

6.5CVSS7.2AI score0.00466EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/05 7:27 p.m.11 views

CVE-2026-40425

The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password...

6.9CVSS5.5AI score0.00376EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 6:48 p.m.9 views

CVE-2024-43384

A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer...

8CVSS5.5AI score0.0034EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 4:45 p.m.7 views

GHSA-FGMC-2HQJ-86V4 Vantage6: Set admin user and password from environment or configuration

Impact Vantage6 currently provides an initial user with username root and password root. This is not ideal for the following reasons: - Attackers know that almost all vantage6 servers have a user with username root that probably has admin rights - The initial password is very weak and it is...

6.9CVSS5.5AI score0.00292EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/05 4:45 p.m.15 views

Vantage6: Set admin user and password from environment or configuration

Impact Vantage6 currently provides an initial user with username root and password root. This is not ideal for the following reasons: - Attackers know that almost all vantage6 servers have a user with username root that probably has admin rights - The initial password is very weak and it is...

6.9CVSS5.5AI score0.00292EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.10 views

PT-2026-49248

Impact Vantage6 currently provides an initial user with username root and password root. This is not ideal for the following reasons: - Attackers know that almost all vantage6 servers have a user with username root that probably has admin rights - The initial password is very weak and it is...

6.9CVSS5.4AI score
Exploits0References4
NVD
NVD
added 2026/06/04 4:16 p.m.14 views

CVE-2026-36182

GNCC GP5 v7.1.76 was discovered to utilize a weak hashing algorithm to protect the root password, possibly allowing attackers to obtain root credentials and privileges via a bruteforce attack...

9.8CVSS0.0019EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.17 views

PT-2026-46255

GNCC GP5 v7.1.76 was discovered to utilize a weak hashing algorithm to protect the root password, possibly allowing attackers to obtain root credentials and privileges via a bruteforce attack...

5.8AI score0.0019EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/04 12:0 a.m.8 views

CVE-2026-35905

T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 were discovered to contain a hardcoded password for root access under the "superadmin" account...

5.5AI score0.00421EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.19 views

PT-2026-46241

T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 were discovered to contain a hardcoded password for root access under the "superadmin" account...

5.8AI score0.00421EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/06/04 12:0 a.m.8 views

CVE-2026-36182

GNCC GP5 v7.1.76 was discovered to utilize a weak hashing algorithm to protect the root password, possibly allowing attackers to obtain root credentials and privileges via a bruteforce attack...

5.5AI score0.0019EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/04 12:0 a.m.11 views

EUVD-2026-34309

GNCC GP5 v7.1.76 was discovered to utilize a weak hashing algorithm to protect the root password, possibly allowing attackers to obtain root credentials and privileges via a bruteforce attack...

5.8AI score0.0019EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/04 12:0 a.m.42 views

CVE-2026-36182

GNCC GP5 v7.1.76 was discovered to utilize a weak hashing algorithm to protect the root password, possibly allowing attackers to obtain root credentials and privileges via a bruteforce attack...

0.0019EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

GNCC GP5 安全漏洞

GNCC GP5 is a 2K indoor security camera produced by GNCC Corporation. The GNCC GP5 v7.1.76 version contains a security vulnerability. This vulnerability stems from the use of a weak hash algorithm to protect the root password, which may allow attackers to obtain root credentials through brute-for...

9.8CVSS5.3AI score0.0019EPSS
Exploits0References3
NVD
NVD
added 2026/05/29 7:16 p.m.12 views

CVE-2026-40425

The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password...

6.9CVSS0.00376EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/29 5:47 p.m.11 views

CVE-2026-40425 MacGregor Voyage Data Recorder (VDR) G4e Files or Directories Accessible to External Parties

The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password...

6.9CVSS5.8AI score0.00376EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/29 5:47 p.m.35 views

CVE-2026-40425 MacGregor Voyage Data Recorder (VDR) G4e Files or Directories Accessible to External Parties

The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password...

6.9CVSS0.00376EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/29 5:47 p.m.18 views

EUVD-2026-33403

The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password...

6.9CVSS5.8AI score0.00376EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/29 5:47 p.m.11 views

CVE-2026-40425

The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password...

6.9CVSS5.8AI score0.00376EPSS
Exploits0References4
CVE
CVE
added 2026/05/29 5:47 p.m.22 views

CVE-2026-40425

CVE-2026-40425 affects the Danelec MacGregor Voyage Data Recorder (VDR) web interface. The vulnerability allows the administrator account to directly edit sensitive authentication-related files, potentially changing the root password. This is supported by ICS-CERT/DHS metrics indicating impact to...

6.9CVSS5.8AI score0.00376EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder