CVE-2026-42929

Danelec MacGregor Voyage Data Recorder includes default accounts with hard-coded credentials.

high 8.3 CVSS 3.1
Published: May 29, 2026
Modified: Jun 4, 2026
Vendor: Macgregor
Product: Interschalt Vdr G4E Firmware

Description

Danelec MacGregor Voyage Data Recorder
includes default accounts with hard-coded credentials.

References

Related CVEs

CVE-2026-42951 medium · 5.4
An authenticated user can download a backup of the Danelec MacGregor Voyage Data Recorder device which includes account data and password hashes.
CVE-2026-44611 medium · 5.4
Danelec MacGregor Voyage Data Recorder passwords are stored with a hashing method which limits password length and is susceptible to brute force attacks.
CVE-2026-40425 medium · 5.7
The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root p
CVE-2026-42941 high · 8.3
The Danelec MacGregor Voyage Data Recorder device includes a default username and password, with no enforced password change.