898 matches found
PYSEC-2026-2003 vantage6 has insecure SSH configuration for node and server containers
Impact Nodes and servers get a ssh config by default that permits root login with password authentication. In a proper deployment, the SSH service is not exposed so there is no risk, but not all deployments are ideal. The default should therefore be less permissive. We will probably opt to...
CVE-2026-40425
The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password...
CVE-2024-43384
A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer...
GHSA-FGMC-2HQJ-86V4 Vantage6: Set admin user and password from environment or configuration
Impact Vantage6 currently provides an initial user with username root and password root. This is not ideal for the following reasons: - Attackers know that almost all vantage6 servers have a user with username root that probably has admin rights - The initial password is very weak and it is...
Vantage6: Set admin user and password from environment or configuration
Impact Vantage6 currently provides an initial user with username root and password root. This is not ideal for the following reasons: - Attackers know that almost all vantage6 servers have a user with username root that probably has admin rights - The initial password is very weak and it is...
PT-2026-49248
Impact Vantage6 currently provides an initial user with username root and password root. This is not ideal for the following reasons: - Attackers know that almost all vantage6 servers have a user with username root that probably has admin rights - The initial password is very weak and it is...
CVE-2026-36182
GNCC GP5 v7.1.76 was discovered to utilize a weak hashing algorithm to protect the root password, possibly allowing attackers to obtain root credentials and privileges via a bruteforce attack...
PT-2026-46255
GNCC GP5 v7.1.76 was discovered to utilize a weak hashing algorithm to protect the root password, possibly allowing attackers to obtain root credentials and privileges via a bruteforce attack...
CVE-2026-35905
T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 were discovered to contain a hardcoded password for root access under the "superadmin" account...
PT-2026-46241
T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 were discovered to contain a hardcoded password for root access under the "superadmin" account...
CVE-2026-36182
GNCC GP5 v7.1.76 was discovered to utilize a weak hashing algorithm to protect the root password, possibly allowing attackers to obtain root credentials and privileges via a bruteforce attack...
EUVD-2026-34309
GNCC GP5 v7.1.76 was discovered to utilize a weak hashing algorithm to protect the root password, possibly allowing attackers to obtain root credentials and privileges via a bruteforce attack...
CVE-2026-36182
GNCC GP5 v7.1.76 was discovered to utilize a weak hashing algorithm to protect the root password, possibly allowing attackers to obtain root credentials and privileges via a bruteforce attack...
GNCC GP5 安全漏洞
GNCC GP5 is a 2K indoor security camera produced by GNCC Corporation. The GNCC GP5 v7.1.76 version contains a security vulnerability. This vulnerability stems from the use of a weak hash algorithm to protect the root password, which may allow attackers to obtain root credentials through brute-for...
CVE-2026-40425
The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password...
CVE-2026-40425 MacGregor Voyage Data Recorder (VDR) G4e Files or Directories Accessible to External Parties
The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password...
CVE-2026-40425 MacGregor Voyage Data Recorder (VDR) G4e Files or Directories Accessible to External Parties
The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password...
EUVD-2026-33403
The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password...
CVE-2026-40425
The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password...
CVE-2026-40425
CVE-2026-40425 affects the Danelec MacGregor Voyage Data Recorder (VDR) web interface. The vulnerability allows the administrator account to directly edit sensitive authentication-related files, potentially changing the root password. This is supported by ICS-CERT/DHS metrics indicating impact to...