MEDIUM
NAVTOR
CVE published 2026-06-04
CVE-2026-21404
CVE-2026-21404 is a medium-severity vulnerability in NAVTOR NavBox versions up to 4.16.1.20. The issue arises from hard-coded credentials within its Windows Communication Foundation (SOAP) implementation. If SOAP functionality is enabled, a local attacker can extract these credentials to bypass the intended transfer workflow. Successful authentication against the SOAP interface grants access to privileged [truncated]