CVE-2026-29119 Hardcoded and Insecure Credentials for "Admin" Account providing Telnet Access on IDC SFX2100 Satellite Receiver

International Datacasting Corporation IDC SFX Series SuperFlexSFX2100 SatelliteReceiver contains hardcoded and insecure credentials for the admin account. A remote unauthenticated attacker can use these undocumented credentials to access the satellite system directly via the Telnet service, leadi...

CVE-2026-29119

CVE-2026-29119 concerns the IDC SFX Series SuperFlex(SFX2100) SatelliteReceiver, which reportedly ships with hardcoded and insecure credentials for the admin account. A remote unauthenticated attacker could abuse these undocumented credentials to access the satellite system directly via the Telne...

CVE-2026-29119

International Datacasting Corporation IDC SFX Series SuperFlexSFX2100 SatelliteReceiver contains hardcoded and insecure credentials for the admin account. A remote unauthenticated attacker can use these undocumented credentials to access the satellite system directly via the Telnet service, leadi...

CVE-2026-28778

International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver contains undocumented, hardcoded/insecure credentials for the xd user account. A remote unauthenticated attacker can log in via FTP using these credentials. Because the xd user has write permissions to their home...

CVE-2026-28778

IDC SFX Series SuperFlex Satellite Receiver (IDC SFX2100) exposes undocumented hardcoded credentials for the xd user, enabling remote FTP access. The xd user’s home directory contains root‑executed binaries and related symlinks (e.g., xdstartstop); an unauthenticated attacker could overwrite file...

CVE-2026-28778 Hardcoded FTP Credentials and LPE(via Insecure Permissions) for `xd` Local Account on IDC SFX2100

International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver contains undocumented, hardcoded/insecure credentials for the xd user account. A remote unauthenticated attacker can log in via FTP using these credentials. Because the xd user has write permissions to their home...

CVE-2026-28778 Hardcoded FTP Credentials and LPE(via Insecure Permissions) for `xd` Local Account on IDC SFX2100

International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver contains undocumented, hardcoded/insecure credentials for the xd user account. A remote unauthenticated attacker can log in via FTP using these credentials. Because the xd user has write permissions to their home...

CVE-2026-28777 Hardcoded and Insecure Credentials for "User" Local Account with SSH Access On IDC SFX2100 Satellite Receiver

International Datacasting Corporation IDC SFX2100 Satellite Receiver, trivial password for the user usr account. A remote unauthenticated attacker can exploit this to gain unauthorized SSH access to the system, while intially dropped into a restricted shell, an attacker can trivially spawn a...

CVE-2026-28777

The SFX2100 Satellite Receiver from IDC is affected by a credential issue: a trivial password for the user (usr) account enables remote unauthenticated SSH access. An attacker can land in a restricted shell and trivially spawn a full pty for an interactive shell, leading to high impact on confide...

CVE-2026-28776 Hardcoded and Insecure Credentials for "monitor" account with SSH Access On IDC SFX2100 Satellite Receiver

International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver contains hardcoded credentials for the monitor account. A remote unauthenticated attacker can use these trivial, undocumented credentials to access the system via SSH. While initially dropped into a restricted shell,...

CVE-2026-28776

IDC SFX Series SuperFlex SatelliteReceiver is affected by hardcoded credentials for the monitor account, allowing remote, unauthenticated SSH access. Initial access starts in a restricted shell, with the attacker able to break out to a full shell. The CVSS metrics indicate NETWORK access, LOW int...

CVE-2026-28776 Hardcoded and Insecure Credentials for "monitor" account with SSH Access On IDC SFX2100 Satellite Receiver

International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver contains hardcoded credentials for the monitor account. A remote unauthenticated attacker can use these trivial, undocumented credentials to access the system via SSH. While initially dropped into a restricted shell,...

CVE-2026-28776

International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver contains hardcoded credentials for the monitor account. A remote unauthenticated attacker can use these trivial, undocumented credentials to access the system via SSH. While initially dropped into a restricted shell,...

PT-2026-22882

Name of the Vulnerable Software and Affected Versions IDC SFX Series SuperFlexSFX2100 SatelliteReceiver affected versions not specified Description The IDC SFX Series SuperFlexSFX2100 SatelliteReceiver contains hardcoded and insecure credentials for the admin account. A remote, unauthenticated...

International Datacasting SFX2100 SuperFlex Satellite Receiver 安全漏洞

The International Datacasting SFX2100 SuperFlex Satellite Receiver is a professional broadcast-grade satellite signal receiving device developed by the International Datacasting company. The SFX2100 SuperFlex Satellite Receiver has a security vulnerability, which stems from hardcoded credentials ...

PT-2026-22881

Name of the Vulnerable Software and Affected Versions International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver affected versions not specified Description The IDC SFX Series SuperFlex Satellite Receiver is affected by hardcoded, insecure credentials for the xd user accoun...

PT-2026-22878

Name of the Vulnerable Software and Affected Versions International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver affected versions not specified Description The IDC SFX Series SuperFlex SatelliteReceiver includes hardcoded credentials for the monitor account. A remote,...

CVE-2026-27751

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remote attackers to obtain administrative access to the management interface. Attackers can authenticate using the hardcoded default credentials without password change enforcement t...

CVE-2026-21660

Hardcoded Email Credentials Saved as Plaintext in Firmware CWE-256: Plaintext Storage of a Password vulnerability in Frick Controls Quantum HD version 10.22 and prior lead to unauthorized access, exposure of sensitive information, and potential misuse or system compromise This issue affects Frick...

EUVD-2026-9040

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remote attackers to obtain administrative access to the management interface. Attackers can authenticate using the hardcoded default credentials without password change enforcement t...