Macgregor: Security Vulnerabilities
An authenticated
user can download a backup of the Danelec MacGregor Voyage Data Recorder
device which includes account data and password hashes.
CVSS Score
5.9
EPSS Score
0.0
Published
2026-05-29
Danelec MacGregor Voyage Data Recorder
passwords are stored with a hashing method which limits password length and is susceptible to brute force attacks.
CVSS Score
5.9
EPSS Score
0.0
Published
2026-05-29
The administrator account for the
Danelec MacGregor Voyage Data Recorder
web interface can directly edit sensitive files related to authentication, potentially changing the root password.
CVSS Score
6.9
EPSS Score
0.0
Published
2026-05-29
Danelec MacGregor Voyage Data Recorder
includes default accounts with hard-coded credentials.
CVSS Score
8.7
EPSS Score
0.0
Published
2026-05-29
The Danelec MacGregor Voyage Data Recorder
device includes a default username and password, with no enforced password change.
CVSS Score
8.7
EPSS Score
0.0
Published
2026-05-29
An issue was discovered in INTERSCHALT Maritime Systems VDR G4e Versions 5.220 and prior. External input is used to construct paths to files and directories without properly neutralizing special elements within the pathname that could allow an attacker to read files on the system, a Path Traversal.
CVSS Score
5.3
EPSS Score
0.011
Published
2017-02-13