CVE-2026-29126

🗓️ 05 Mar 2026 01:51:06Reported by GridwareType

cve🔗 web.nvd.nist.gov👁 6 Views🌐 WEB

World-writable root-owned /etc/udhcpc/default.script enables local privilege escalation via DHCP.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2026-29126	5 Mar 202601:51	–	attackerkb
Circl	CVE-2026-29126	5 Mar 202605:50	–	circl
CNNVD	International Datacasting SFX2100 SuperFlex Satellite Receiver 安全漏洞	5 Mar 202600:00	–	cnnvd
Cvelist	CVE-2026-29126 World-Writable, Root Owned/Run `/etc/udhcpc/default.script` in IDC SFX2100 Satellite Receiver Leads To Potential LPE	5 Mar 202601:51	–	cvelist
EUVD	EUVD-2026-9518	5 Mar 202603:31	–	euvd
NVD	CVE-2026-29126	5 Mar 202602:16	–	nvd
Positive Technologies	PT-2026-23122	5 Mar 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-29126	6 Mar 202607:52	–	redhatcve
Vulnrichment	CVE-2026-29126 World-Writable, Root Owned/Run `/etc/udhcpc/default.script` in IDC SFX2100 Satellite Receiver Leads To Potential LPE	5 Mar 202601:51	–	vulnrichment

NVD

Node

datacast sfx2100_firmwareMatch-

AND

datacast sfx2100Match-

[
  {
    "defaultStatus": "affected",
    "product": "SFX2100 Satellite Receiver",
    "vendor": "International Datacasting Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "SFX2100"
      }
    ]
  }
]

Source	Link
abdulmhsblog	www.abdulmhsblog.com/posts/sfx2100-vulns/

Parameter	Position	Path	Description	CWE
root-owned	path	/etc/udhcpc/default.script	Local privilege escalation via modification of the DHCP event script executed by udhcpc.	CWE-863, CWE-732
world-writable	path	/etc/udhcpc/default.script	Local privilege escalation via modification of the DHCP event script executed by udhcpc.	CWE-863, CWE-732
BusyBox udhcpc DHCP event script	path	/etc/udhcpc/default.script	Local privilege escalation via modification of the DHCP event script executed by udhcpc.	CWE-863, CWE-732

11 Mar 2026 18:34Current

6.1Medium risk

Vulners AI Score6.1

CVSS 3.17.8

CVSS 48.5

EPSS0.00018

SSVC