CVE Catalog

CVE-2026-36182

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.20%

10th percentile — higher than 10% of all known CVEs

Summary

GNCC GP5 v7.1.76 was discovered to use a weak hashing algorithm to protect the root password. This could allow attackers to obtain root credentials and privileges via a brute-force attack.

Risk Assessment

The risk involves potential full system compromise by an unauthorized attacker, leading to loss of integrity and confidentiality of the system and data.

Recommendation

It is recommended to immediately update GNCC GP5 to the latest available version that fixes this vulnerability, and change the root password to a strong, unique password.

Original NVD description (English source)

GNCC GP5 v7.1.76 was discovered to utilize a weak hashing algorithm to protect the root password, possibly allowing attackers to obtain root credentials and privileges via a bruteforce attack.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS