datacast Vulnerabilities and CVE List (20)

Products (CPE): — CVE count: 20

datacast Vulnerability Overview

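Aggregates CVE and security vulnerability intelligence for all datacast-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Historical vulnerabilities mainly involve cross-site scripting and path-handling flaws; some may lead to session hijacking and affect software deployment and production workload scenarios.

The vulnerability data comes mainly from public vulnerability disclosures and security advisories and can be used to assess historical exposure and remediation priority.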

[Chart: vulnerability distribution trend, last 24 months]
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
| --- | --- | --- | --- | --- | --- | --- |
| CVE-2026-29128 | IDC SFX2100 Satellite Receiver firmware ships with multiple daemon configuration files for routing components (e.g., zebra, bgpd, ospfd, and ripd) that are owned by root but world-readable. The configuration files (e.g., zebra.conf, bgpd.conf, ospfd.conf, ripd.conf) contain hardcoded or otherwise insecure plaintext passwords (including “enable”/privileged-mode credentials). A remote actor is able to abuse the reuse/hardcoded nature of these credentials to further access other systems in the netw | b7efe717-a805-47cf-8e9a-921fca0ce0ce | 8.6 | 0.01% | 2026-03-05 | 2026-03-09 |
| CVE-2026-29127 | The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the monitor user's home directory. The directory is configured with permissions 0777, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation depending on conditions of the system due to the presence of highly privileged processes and binaries residing within the affected directory. | b7efe717-a805-47cf-8e9a-921fca0ce0ce | 9.2 | 0.01% | 2026-03-05 | 2026-03-09 |
| CVE-2026-29126 | Incorrect permission assignment (world-writable file) in /etc/udhcpc/default.script in International Data Casting (IDC) SFX2100 Satellite Receiver allows a local unprivileged attacker to potentially execute arbitrary commands with root privileges (local privilege escalation and persistence) via modification of a root-owned, world-writable BusyBox udhcpc DHCP event script, which is executed when a DHCP lease is obtained, renewed, or lost. | b7efe717-a805-47cf-8e9a-921fca0ce0ce | 8.5 | 0.01% | 2026-03-05 | 2026-03-11 |
| CVE-2026-29125 | IDC SFX2100 Satellite Receivers set the `/etc/resolv.conf` file to be world-writable by any local user, allowing DNS resolver tampering that can redirect network communications, facilitate man-in-the-middle attacks, and cause denial of service. | b7efe717-a805-47cf-8e9a-921fca0ce0ce | 7.1 | 0.01% | 2026-03-05 | 2026-03-11 |
| CVE-2026-29124 | Multiple SUID root-owned binaries are found in /home/monitor/terminal, /home/monitor/kore-terminal, /home/monitor/IDE-DPack/terminal-dpack, and /home/monitor/IDE-DPack/terminal-dpack2 in International Data Casting (IDC) SFX2100 Satellite Receiver, which may lead to local privilege escalation from the `monitor` user to root | b7efe717-a805-47cf-8e9a-921fca0ce0ce | 8.6 | 0.01% | 2026-03-05 | 2026-03-11 |
| CVE-2026-29123 | A SUID root-owned binary in /home/xd/terminal/XDTerminal in International Data Casting (IDC) SFX2100 on Linux allows a local actor to potentially perform local privilege escalation depending on conditions of the system via execution of the affected SUID binary. This can be via PATH hijacking, symlink abuse or shared object hijacking. | b7efe717-a805-47cf-8e9a-921fca0ce0ce | 8.6 | 0.01% | 2026-03-05 | 2026-03-11 |
| CVE-2026-29122 | International Data Casting (IDC) SFX2100 satellite receiver comes with the `/bin/date` utility installed with the setuid bit set. This configuration grants elevated privileges to any local user who can execute the binary. A local actor is able to use the GTFOBins resource to perform privileged file reads as the root user on the local file system. This allows an actor to be able to read any root read-only files, such as the /etc/shadow file or other configuration/secrets carrier files. | b7efe717-a805-47cf-8e9a-921fca0ce0ce | 8.3 | 0.01% | 2026-03-05 | 2026-03-11 |
| CVE-2026-29121 | International Data Casting (IDC) SFX2100 satellite receiver comes with the `/sbin/ip` utility installed with the setuid bit set. This configuration grants elevated privileges to any local user who can execute the binary. A local actor is able to use the GTFOBins resource to perform privileged file reads as the root user on the local file system and may potentially lead to other avenues for performing privileged actions. | b7efe717-a805-47cf-8e9a-921fca0ce0ce | 8.3 | 0.01% | 2026-03-05 | 2026-03-11 |
| CVE-2026-29120 | The /root/anaconda-ks.cfg installation configuration file in International Datacasting Corporation (IDC) SFX Series (SFX2100) SuperFlex Satellite Receiver insecurely stores the hardcoded root password hash. The password itself is highly insecure and susceptible to offline dictionary attacks using the rockyou.txt wordlist. Because direct root SSH login is disabled, an attacker must first obtain low-privileged access to the system (e.g., via other vulnerabilities) to be able to log in as the root u | b7efe717-a805-47cf-8e9a-921fca0ce0ce | 9.2 | 0.01% | 2026-03-04 | 2026-03-17 |
| CVE-2026-29119 | International Datacasting Corporation (IDC) SFX Series SuperFlex (SFX2100) Satellite Receiver contains hardcoded and insecure credentials for the `admin` account. A remote unauthenticated attacker can use these undocumented credentials to access the satellite system directly via the Telnet service, leading to potential system compromise. | b7efe717-a805-47cf-8e9a-921fca0ce0ce | 8.8 | 0.42% | 2026-03-04 | 2026-03-17 |
| CVE-2026-28778 | International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver contains undocumented, hardcoded/insecure credentials for the `xd` user account. A remote unauthenticated attacker can log in via FTP using these credentials. Because the `xd` user has write permissions to their home directory where root-executed binaries and symlinks (such as those invoked by `xdstartstop`) are stored, the attacker can overwrite these files or manipulate symlinks to achieve arbitrary code execut | b7efe717-a805-47cf-8e9a-921fca0ce0ce | 7.9 | 0.55% | 2026-03-04 | 2026-03-17 |
| CVE-2026-28777 | International Datacasting Corporation (IDC) SFX2100 Satellite Receiver has a trivial password for the `user` (usr) account. A remote unauthenticated attacker can exploit this to gain unauthorized SSH access to the system. While initially dropped into a restricted shell, an attacker can trivially spawn a complete pty to gain an appropriately interactive shell. | b7efe717-a805-47cf-8e9a-921fca0ce0ce | 9.2 | 0.42% | 2026-03-04 | 2026-03-17 |
| CVE-2026-28776 | International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver contains hardcoded credentials for the `monitor` account. A remote unauthenticated attacker can use these trivial, undocumented credentials to access the system via SSH. While initially dropped into a restricted shell, the attacker can trivially break out to achieve standard shell functionality. | b7efe717-a805-47cf-8e9a-921fca0ce0ce | 7.8 | 0.42% | 2026-03-04 | 2026-03-17 |
| CVE-2026-28775 | An unauthenticated Remote Code Execution (RCE) vulnerability exists in the SNMP service of International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver. The deployment insecurely provisions the `private` SNMP community string with read/write access by default. Because the SNMP agent runs as root, an unauthenticated remote attacker can utilize `NET-SNMP-EXTEND-MIB` directives, abusing the fact that the system runs a vulnerable version of net-snmp pre 5.8, to execute arbitrar | b7efe717-a805-47cf-8e9a-921fca0ce0ce | 10.0 | 0.90% | 2026-03-04 | 2026-03-09 |
| CVE-2026-28774 | An OS Command Injection vulnerability exists in the web-based Traceroute diagnostic utility of International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver Web Management Interface version 101. An authenticated attacker can inject arbitrary shell metacharacters (such as the pipe `\|` operator) into the flags parameter, leading to the execution of arbitrary operating system commands with root privileges. | b7efe717-a805-47cf-8e9a-921fca0ce0ce | 9.3 | 0.17% | 2026-03-04 | 2026-03-09 |
| CVE-2026-28773 | The web-based Ping diagnostic utility (/IDC_Ping/main.cgi) in International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver Web Management Interface version 101 is vulnerable to OS Command Injection. The application insecurely parses the `IPaddr` parameter. An authenticated attacker can bypass server-side semicolon exclusion checks by using alternate shell metacharacters (such as the pipe `\|` operator) to append and execute arbitrary shell commands with root privileges. | b7efe717-a805-47cf-8e9a-921fca0ce0ce | 9.3 | 0.76% | 2026-03-04 | 2026-03-09 |
| CVE-2026-28772 | A Reflected Cross-Site Scripting (XSS) vulnerability in the /IDC_Logging/index.cgi endpoint of International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver Web Management Interface version 101 allows a remote attacker to execute arbitrary web scripts or HTML. The vulnerability is triggered by sending a crafted payload through the `submitType` parameter, which is reflected directly into the DOM without proper escaping. | b7efe717-a805-47cf-8e9a-921fca0ce0ce | 5.1 | 0.06% | 2026-03-04 | 2026-03-09 |
| CVE-2026-28771 | A Reflected Cross-Site Scripting (XSS) vulnerability exists in the /index.cgi endpoint of International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver Web Management Interface version 101. The application fails to adequately sanitize user-supplied input provided via the `cat` parameter before reflecting it in the HTTP response, allowing a remote attacker to execute arbitrary HTML or JavaScript in the victim's browser context. | b7efe717-a805-47cf-8e9a-921fca0ce0ce | 5.1 | 0.06% | 2026-03-04 | 2026-03-09 |
| CVE-2026-28770 | Improper neutralization of special elements in the /IDC_Logging/checkifdone.cgi script in International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver Web management Interface version 101 allows for XML Injection. The application reflects unsanitized user input from the `file` parameter directly into a CDATA block, allowing an authenticated attacker to break out of the tags and inject arbitrary XML elements. An actor is confirmed to be able to turn this into a reflected | b7efe717-a805-47cf-8e9a-921fca0ce0ce | 5.3 | 0.05% | 2026-03-04 | 2026-03-09 |
| CVE-2026-28769 | A path traversal vulnerability exists in the /IDC_Logging/checkifdone.cgi script in International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver Web management portal version 101. An authenticated attacker can manipulate the `file` parameter to traverse directories and enumerate arbitrary files on the underlying filesystem. Due to the insecure Perl file path handling function in use, an authenticated actor is able to perform directory traversal, with the backup endpoint con | b7efe717-a805-47cf-8e9a-921fca0ce0ce | 5.3 | 0.47% | 2026-03-04 | 2026-03-09 |
cvelogic Threat Intelligence