Datacast Sfx2100_firmware

20 CVEs affecting Datacast Sfx2100_firmware. Latest disclosed: 2026-03-05. Critical: 6, High: 9.

Top CVEs affecting Datacast Sfx2100_firmware
CVESeverityScorePublishedSummary
CVE-2026-29128Critical10.02026-03-05IDC SFX2100 Satellite Receiver firmware ships with multiple daemon configuration files for routing components (e.g., zebra, bgpd, ospfd, and ripd) that are own…
CVE-2026-29119Critical9.82026-03-04International Datacasting Corporation (IDC) SFX Series SuperFlex(SFX2100) SatelliteReceiver contains hardcoded and insecure credentials for the `admin` account…
CVE-2026-28778Critical9.82026-03-04International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver contains undocumented, hardcoded/insecure credentials for the `xd` user acc…
CVE-2026-28777Critical9.82026-03-04International Datacasting Corporation (IDC) SFX2100 Satellite Receiver, trivial password for the `user` (usr) account. A remote unauthenticated attacker can…
CVE-2026-28776Critical9.82026-03-04International Datacasting Corporation (IDC) SFX Series SuperFlex SatelliteReceiver contains hardcoded credentials for the `monitor` account. A remote unauthent…
CVE-2026-28775Critical9.82026-03-04An unauthenticated Remote Code Execution (RCE) vulnerability exists in the SNMP service of International Datacasting Corporation (IDC) SFX Series SuperFlex Sat…
CVE-2026-28774High8.82026-03-04An OS Command Injection vulnerability exists in the web-based Traceroute diagnostic utility of International Datacasting Corporation (IDC) SFX Series SuperFlex…
CVE-2026-28773High8.82026-03-04The web-based Ping diagnostic utility (/IDC_Ping/main.cgi) in International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite  Receiver Web Manageme…
CVE-2026-28770High8.82026-03-04Improper neutralization of special elements in the /IDC_Logging/checkifdone.cgi script in International Datacasting Corporation (IDC) SFX Series SuperFlex Sate…
CVE-2026-29127High7.82026-03-05The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the monitor user's home directory. The directory is configured with permis…
CVE-2026-29126High7.82026-03-05Incorrect permission assignment (world-writable file) in /etc/udhcpc/default.script in International Data Casting (IDC) SFX2100 Satellite Receiver allows a loc…
CVE-2026-29124High7.82026-03-05Multiple SUID root-owned binaries are found in /home/monitor/terminal, /home/monitor/kore-terminal, /home/monitor/IDE-DPack/terminal-dpack, and /home/monitor/I…
CVE-2026-29123High7.82026-03-05A SUID root-owned binary in /home/xd/terminal/XDTerminal in International Data Casting (IDC) SFX2100 on Linux allows a local actor to potentially preform local…
CVE-2026-29121High7.82026-03-05International Data Casting (IDC) SFX2100 satellite receiver comes with the `/sbin/ip` utility installed with the setuid bit set. This configuration grants elev…
CVE-2026-29120High7.82026-03-04The /root/anaconda-ks.cfg installation configuration file in International Datacasting Corporation (IDC) SFX Series(SFX2100) SuperFlex Satellite Receiver insec…
CVE-2026-28769Medium6.52026-03-04A path traversal vulnerability exists in the /IDC_Logging/checkifdone.cgi script in International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite…
CVE-2026-28772Medium6.12026-03-04A Reflected Cross-Site Scripting (XSS) vulnerability in the /IDC_Logging/index.cgi endpoint of International Datacasting Corporation (IDC) SFX Series SuperFlex…
CVE-2026-28771Medium6.12026-03-04A Reflected Cross-Site Scripting (XSS) vulnerability exists in the /index.cgi endpoint of International Datacasting Corporation (IDC) SFX Series SuperFlex Sate…
CVE-2026-29122Medium5.52026-03-05International Data Casting (IDC) SFX2100 satellite receiver comes with the `/bin/date` utility installed with the setuid bit set. This configuration grants ele…
CVE-2026-29125Medium4.72026-03-05IDC SFX2100 Satalite Recievers set the `/etc/resolv.conf` file to be world-writable by any local user, allowing DNS resolver tampering that can redirect networ…