A vulnerability, which was classified as critical , was found in Navtor NavBox up to 4.16.1.20 . Affected by this vulnerability is an unknown functionality of the component SOAP Interface . The manipulation results in hard-coded credentials. This vulnerability is reported as CVE-2026-21404 . The attack requires a local approach. No exploit exists. You should upgrade the affected component.