Insecure Credentials Vulnerability in IDC SFX Series SuperFlex Satellite Receiver
CVE-2026-29119

8.8HIGH

Key Information:

Vendor: International Datacasting Corporation (idc)
Status: Sfx2100 Series Superflex Satellitereceiver
Vendor: CVE Published:; 4 March 2026

🔔 Create International Datacasting Corporation (idc) Vulnerability Alert

What is CVE-2026-29119?

The SFX Series SuperFlex (SFX2100) Satellite Receiver by International Datacasting Corporation includes hardcoded and insecure credentials for the admin account. This flaw enables a remote unauthenticated attacker to gain unauthorized access to the satellite system via the Telnet service, possibly resulting in a serious system compromise. Organizations using this device must review their security measures to safeguard against potential exploitation.

Affected Version(s)

SFX2100 Series SuperFlex SatelliteReceiver SFX2100

References

https://www.abdulmhsblog.com/posts/sfx2100-vulns/

CVSS V4

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 4, 2026
Vulnerability Reserved
Mar 4, 2026

Credit

Abdul Mhanni

CVE-2026-29119 Data

JSON