VYPR
← All advisories
Unrated severityNVD Advisory· Published Jun 4, 2026· Updated Jun 4, 2026

CVE-2026-36182

CVE-2026-36182

Description

GNCC GP5 v7.1.76 uses weak MD5 hashing for root passwords, enabling bruteforce attacks to gain root privileges.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

GNCC GP5 v7.1.76 uses weak MD5 hashing for root passwords, enabling bruteforce attacks to gain root privileges.

Vulnerability

The GNCC GP5 indoor camera, specifically firmware version 7.1.76, utilizes a weak hashing algorithm, MD5, to protect the root password. This vulnerability is present on the T23 platform and potentially affects similar models [1].

Exploitation

An attacker with physical access to the device can exploit this vulnerability. By chaining this with other vulnerabilities, such as a U-Boot bypass, an attacker can potentially obtain the root password hash and then use a bruteforce attack to recover the credentials [1].

Impact

Successful exploitation allows an attacker to obtain root credentials, granting them full root access and privileges on the device. This could lead to a complete compromise of the camera's functionality and any data it processes or transmits [1].

Mitigation

This vulnerability is currently unpatched. The vendor has not responded to vulnerability disclosure efforts. No workarounds or fixed versions are available at this time [1].

References
  1. IoT-Vulnerability-Research-Public/GNCC-GP5-T23/README.md at main · BadChemical/IoT-Vulnerability-Research-Public

AI Insight generated on Jun 4, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

Patches

0

No patches discovered yet.

Vulnerability mechanics

Root cause

"The system uses a weak hashing algorithm (MD5) for storing the root password, making it vulnerable to brute-force attacks."

Attack vector

An attacker with physical access to the device can exploit this vulnerability. By accessing the system's filesystem, they can locate the stored password hash. Subsequently, they can perform a brute-force attack against this weak hash to recover the root password and gain elevated privileges. [ref_id=1]

Affected code

The vulnerability lies in the system's method of storing the root password, which utilizes MD5 hashing. This weak cryptographic storage is detailed in the vulnerability breakdown. [ref_id=1]

What the fix does

The advisory does not specify a patch or provide remediation guidance for this vulnerability. Therefore, the vendor has not addressed the insecure system password hashing mechanism. The advisory indicates the vulnerability remains unpatched. [ref_id=1]

Preconditions

  • inputPhysical access to the device is required to access the filesystem and retrieve the password hash. [ref_id=1]

Generated on Jun 4, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

3

News mentions

0

No linked articles in our index yet.