CVE-2026-42951

MEDIUM

MacGregor Voyage Data Recorder (VDR) G4e Insufficiently Protected Credentials

Title source: cna
STIX 2.1

Description

An authenticated user can download a backup of the Danelec MacGregor Voyage Data Recorder device which includes account data and password hashes.

References (3)

Core 3

Scores

CVSS v3 5.4
EPSS 0.0023
EPSS Percentile 14.0%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-522
Status published
Products (2)
Danelec/MacGregor Voyage Data Recorder (VDR) G4e < 5.250
macgregor/interschalt_vdr_g4e_firmware < 5.250
Published May 29, 2026
Tracked Since May 30, 2026