World-Writable Configuration Flaw in IDC SFX2100 Satellite Receivers
CVE-2026-29125

7.1HIGH

Key Information:

Vendor: International Datacasting Corporation
Status: Sfx2100 Satellite Receiver
Vendor: CVE Published:; 5 March 2026

🔔 Create International Datacasting Corporation Vulnerability Alert

What is CVE-2026-29125?

The IDC SFX2100 Satellite Receiver is vulnerable due to improper permissions set on its /etc/resolv.conf file, which is world-writable. This security gap allows any local user to alter DNS resolution settings, potentially leading to serious security implications. Attackers can redirect network traffic, execute man-in-the-middle attacks, and even disrupt service availability. Mitigating this vulnerability is crucial for ensuring the integrity and security of network communications.

Affected Version(s)

SFX2100 Satellite Receiver SFX2100

References

https://www.abdulmhsblog.com/posts/sfx2100-vulns/

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 5, 2026
Vulnerability Reserved
Mar 4, 2026

Credit

Abdul Mhanni

CVE-2026-29125 Data

JSON