CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

35 matches found

RedhatCVE•added 2026/03/05 1:39 p.m.•4 views

CVE-2026-29120

The /root/anaconda-ks.cfg installation configuration file in International Datacasting Corporation IDC SFX SeriesSFX2100 SuperFlex Satellite Receiver insecurely stores the hardcoded root password hash. The password itself is highly insecure and susceptible to offline dictionary attacks using the...

9.2CVSS5.9AI score0.00142EPSS

Exploits1References1

RedhatCVE•added 2026/03/05 7:51 a.m.•3 views

CVE-2026-28775

An unauthenticated Remote Code Execution RCE vulnerability exists in the SNMP service of International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver. The deployment insecurely provisions the private SNMP community string with read/write access by default. Because the SNMP age...

10CVSS6.3AI score0.01199EPSS

Exploits1References1

RedhatCVE•added 2026/03/05 7:51 a.m.•3 views

CVE-2026-28776

International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver contains hardcoded credentials for the monitor account. A remote unauthenticated attacker can use these trivial, undocumented credentials to access the system via SSH. While initially dropped into a restricted shell,...

9.8CVSS6AI score0.00476EPSS

Exploits1References1

RedhatCVE•added 2026/03/05 7:51 a.m.•5 views

CVE-2026-28769

A path traversal vulnerability exists in the /IDCLogging/checkifdone.cgi script in International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver Web management portal version 101. An authenticated attacker can manipulate the file parameter to traverse directories and enumerate...

6.5CVSS6.1AI score0.0064EPSS

Exploits1References1

RedhatCVE•added 2026/03/05 7:51 a.m.•4 views

CVE-2026-28773

The web-based Ping diagnostic utility /IDCPing/main.cgi in International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver Web Management Interface version 101 is vulnerable to OS Command Injection. The application insecurely parses the IPaddr parameter. An authenticated attacke...

9.3CVSS6.2AI score0.02088EPSS

Exploits1References1

CNNVD•added 2026/03/05 12:0 a.m.•3 views

International Datacasting SFX2100 SuperFlex Satellite Receiver 安全漏洞

The International Datacasting SFX2100 SuperFlex Satellite Receiver is a professional broadcast-grade satellite signal receiving device developed by the International Datacasting company. The SFX2100 SuperFlex Satellite Receiver has a security vulnerability, which stems from the presence of binary...

8.6CVSS5.8AI score0.00119EPSS

Exploits1References1

CNNVD•added 2026/03/05 12:0 a.m.•2 views

International Datacasting SFX2100 SuperFlex Satellite Receiver 安全漏洞

The International Datacasting SFX2100 SuperFlex Satellite Receiver is a professional broadcast-grade satellite signal receiving device developed by the International Datacasting company. The SFX2100 SuperFlex Satellite Receiver has security vulnerabilities; these vulnerabilities stem from the...

7.1CVSS5.8AI score0.00106EPSS

Exploits1References1

CNNVD•added 2026/03/05 12:0 a.m.•2 views

International Datacasting SFX2100 SuperFlex Satellite Receiver 安全漏洞

The International Datacasting SFX2100 SuperFlex Satellite Receiver is a professional broadcast-grade satellite signal receiving device from the International Datacasting company. The International Datacasting SFX2100 SuperFlex Satellite Receiver has a security vulnerability, which stems from...

8.5CVSS6AI score0.00142EPSS

Exploits1References1

CNNVD•added 2026/03/05 12:0 a.m.•2 views

International Datacasting SFX2100 SuperFlex Satellite Receiver 安全漏洞

The International Datacasting SFX2100 SuperFlex Satellite Receiver is a professional broadcast-grade satellite signal receiving device developed by the International Datacasting company. The SFX2100 SuperFlex Satellite Receiver has a security vulnerability, which stems from overly permissive file...

9.2CVSS5.8AI score0.00169EPSS

Exploits1References1

EUVD•added 2026/03/04 9:31 a.m.•6 views

EUVD-2026-9374

International Datacasting Corporation IDC SFX Series SuperFlexSFX2100 SatelliteReceiver contains hardcoded and insecure credentials for the admin account. A remote unauthenticated attacker can use these undocumented credentials to access the satellite system directly via the Telnet service, leadi...

8.8CVSS6AI score0.00486EPSS

Exploits1References2

EUVD•added 2026/03/04 9:31 a.m.•3 views

EUVD-2026-9370

An unauthenticated Remote Code Execution RCE vulnerability exists in the SNMP service of International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver. The deployment insecurely provisions the private SNMP community string with read/write access by default. Because the SNMP age...

10CVSS6.3AI score0.01199EPSS

Exploits1References2

NVD•added 2026/03/04 8:16 a.m.•6 views

CVE-2026-29119

International Datacasting Corporation IDC SFX Series SuperFlexSFX2100 SatelliteReceiver contains hardcoded and insecure credentials for the admin account. A remote unauthenticated attacker can use these undocumented credentials to access the satellite system directly via the Telnet service, leadi...

9.8CVSS0.00486EPSS

Exploits1References1

NVD•added 2026/03/04 8:16 a.m.•6 views

CVE-2026-28774

An OS Command Injection vulnerability exists in the web-based Traceroute diagnostic utility of International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver Web Management Interface version 101. An authenticated attacker can inject arbitrary shell metacharacters such as the pip...

9.3CVSS0.02432EPSS

Exploits1References1

Vulnrichment•added 2026/03/04 7:49 a.m.•4 views

CVE-2026-28778 Hardcoded FTP Credentials and LPE(via Insecure Permissions) for `xd` Local Account on IDC SFX2100

International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver contains undocumented, hardcoded/insecure credentials for the xd user account. A remote unauthenticated attacker can log in via FTP using these credentials. Because the xd user has write permissions to their home...

7.9CVSS6.5AI score0.00849EPSS

Exploits1References1

CVE•added 2026/03/04 7:34 a.m.•6 views

CVE-2026-28776

Summary of the vulnerability (CVE-2026-28776) : IDC SFX2100/SFX Series SuperFlex SatelliteReceiver contains hardcoded credentials for the logical monitor user. A remote, unauthenticated attacker can use these trivial, undocumented credentials to access the device via SSH, initially in a restricte...

9.8CVSS6AI score0.00476EPSS

Exploits1References1Affected Software1

Cvelist•added 2026/03/04 7:24 a.m.•29 views

CVE-2026-28775 Unauthenticated RCE via SNMP Default Writable Community String

An unauthenticated Remote Code Execution RCE vulnerability exists in the SNMP service of International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver. The deployment insecurely provisions the private SNMP community string with read/write access by default. Because the SNMP age...

10CVSS0.01199EPSS

Exploits1References1

CVE•added 2026/03/04 7:16 a.m.•10 views

CVE-2026-28773

The CVE-2026-28773 entry concerns the IDC SFX Series SuperFlex SatelliteReceiver Web Management Interface (version 101). Affected component: the web-based Ping diagnostic utility at /IDC_Ping/main.cgi. Root cause: insecure parsing of the IPaddr parameter enables OS command injection by bypassing ...

9.3CVSS6.2AI score0.02088EPSS

Exploits1References1Affected Software1

NVD•added 2026/03/04 7:16 a.m.•6 views

CVE-2026-28770

Improper neutralization of special elements in the /IDCLogging/checkifdone.cgi script in International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver Web management Interface version 101 allows for XML Injection. The application reflects un-sanitized user input from the file...

8.8CVSS0.00367EPSS

Exploits1References1

Cvelist•added 2026/03/04 7:2 a.m.•27 views

CVE-2026-28769 LFI in /IDC_Logging/checkifdone.cgi, "file" parameter Allowing for File Existence Enumeration On IDC Satellite Receiver Web Management Interface Version 101

A path traversal vulnerability exists in the /IDCLogging/checkifdone.cgi script in International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver Web management portal version 101. An authenticated attacker can manipulate the file parameter to traverse directories and enumerate...

5.3CVSS0.0064EPSS

Exploits1References1

Vulnrichment•added 2026/03/04 7:2 a.m.•4 views

CVE-2026-28769 LFI in /IDC_Logging/checkifdone.cgi, "file" parameter Allowing for File Existence Enumeration On IDC Satellite Receiver Web Management Interface Version 101

A path traversal vulnerability exists in the /IDCLogging/checkifdone.cgi script in International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver Web management portal version 101. An authenticated attacker can manipulate the file parameter to traverse directories and enumerate...

5.3CVSS6.1AI score0.0064EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by