These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
A medium-severity vulnerability (CVSS 5.9) in Danelec MacGregor Voyage Data Recorder (VDR) systems involves password hashing that limits password length and is susceptible to brute-force attacks. The weakness stems from use of a hashing method that does not provide adequate resistance to password cracking attempts. This affects maritime safety equipment used for recording vessel navigation data. The vulne [truncated]
An authenticated user can download a backup of the Danelec MacGregor Voyage Data Recorder device which includes account data and password hashes.
CVE-2026-42941 documents a default credential vulnerability in the Danelec MacGregor Voyage Data Recorder (VDR), a maritime safety device used to record ship operational data. The device ships with a default username and password that cannot be changed by users, creating a persistent authentication bypass risk for attackers with adjacent network access. CISA published this advisory on May 28, 2026 (ICS Ad [truncated]
CVE-2026-42929 documents hard-coded credentials in default accounts within the Danelec MacGregor Voyage Data Recorder (VDR), a maritime safety system used to record ship operational data. The vulnerability carries a CVSS 4.0 score of 8.7 (HIGH severity), with an attack vector of Adjacent (AV:A), requiring no privileges (PR:N) and no user interaction (UI:N), enabling complete confidentiality compromise (VC [truncated]
A medium-severity vulnerability in the Danelec MacGregor Voyage Data Recorder (VDR) web interface allows an authenticated administrator to directly edit sensitive authentication-related files, with potential for root password modification. The vulnerability stems from improper access controls (CWE-552) that fail to restrict file editing capabilities to appropriate security boundaries. The CVSS 4.0 vector [truncated]