MR-GM5L-S1 and MR-GM5A-L1 Use Stolen Administrator Credentials

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

9.3

MR-GM5L-S1 and MR-GM5A-L1 Use Stolen Administrator Credentials

CVE-2026-24448

Summary

Some MR-GM5L-S1 and MR-GM5A-L1 devices have hardcoded administrator credentials, making it possible for unauthorized individuals to access and control the devices. This poses a significant security risk, especially if the credentials are not changed. The manufacturer should be contacted to obtain the correct configuration to secure the devices.

Original title

Use of hard-coded credentials issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to obtain administrative access.

Original description

Use of hard-coded credentials issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to obtain administrative access.

nvd CVSS3.0 9.8

nvd CVSS4.0 9.3

Vulnerability type

CWE-798 Use of Hard-coded Credentials

Published: 11 Mar 2026 · Updated: 13 Mar 2026 · First seen: 11 Mar 2026