Primary

Context

Danelec MacGregor Voyage Data Recorder Password Hashing Vulnerability Allowing Brute Force Attacks

Vulnerability

Patched

A vulnerability exists in the Danelec MacGregor Voyage Data Recorder (VDR) G4e, in versions prior to V5.250, where passwords are hashed using a method that restricts password length and is vulnerable to brute force attacks. This flaw could potentially allow an attacker to gain unauthorized access to the device by exploiting the weak password hashing mechanism.

Impact

Exploitation of this vulnerability could lead to unauthorized administrator access on the affected device.

Remediation

Danelec has released firmware version V5.250 to address this vulnerability. Users are encouraged to update their MacGregor Voyage Data Recorder (VDR) G4e devices at the earliest service opportunity. For additional questions, contact Danelec through their website.

Added: May 29, 2026, 7:46 PM

Updated: May 29, 2026, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.7

remediation

7.9

relevance

9.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.7

remediation

7.9

relevance

9.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Danelec MacGregor Voyage Data Recorder Password Hashing Vulnerability Allowing Brute Force Attacks

Vulnerability

Impact

Remediation

Affected Products

Danelec MacGregor Voyage Data Recorder

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating