Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/03/05 7:51 a.m.6 views

CVE-2026-28769

A path traversal vulnerability exists in the /IDCLogging/checkifdone.cgi script in International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver Web management portal version 101. An authenticated attacker can manipulate the file parameter to traverse directories and enumerate...

6.5CVSS6.1AI score0.0064EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/04 9:31 a.m.2 views

EUVD-2026-9367

A Reflected Cross-Site Scripting XSS vulnerability in the /IDCLogging/index.cgi endpoint of International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver Web Management Interface version 101 allows a remote attacker to execute arbitrary web scripts or HTML. The vulnerability is...

5.1CVSS6.2AI score0.0021EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/04 9:31 a.m.6 views

EUVD-2026-9369

An OS Command Injection vulnerability exists in the web-based Traceroute diagnostic utility of International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver Web Management Interface version 101. An authenticated attacker can inject arbitrary shell metacharacters such as the pip...

9.3CVSS6.2AI score0.02432EPSS
Exploits1References2
CVE
CVE
added 2026/03/04 7:34 a.m.10 views

CVE-2026-28776

Summary of the vulnerability (CVE-2026-28776) : IDC SFX2100/SFX Series SuperFlex SatelliteReceiver contains hardcoded credentials for the logical monitor user. A remote, unauthenticated attacker can use these trivial, undocumented credentials to access the device via SSH, initially in a restricte...

9.8CVSS6AI score0.00476EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/04 7:22 a.m.6 views

CVE-2026-28774 Authenticated OS Command Injection via Traceroute Utility leads to Root RCE

An OS Command Injection vulnerability exists in the web-based Traceroute diagnostic utility of International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver Web Management Interface version 101. An authenticated attacker can inject arbitrary shell metacharacters such as the pip...

9.3CVSS6.2AI score0.02432EPSS
Exploits1References1
NVD
NVD
added 2026/03/04 7:16 a.m.8 views

CVE-2026-28770

Improper neutralization of special elements in the /IDCLogging/checkifdone.cgi script in International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver Web management Interface version 101 allows for XML Injection. The application reflects un-sanitized user input from the file...

8.8CVSS0.00367EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.9 views

PT-2026-22876

Name of the Vulnerable Software and Affected Versions International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver Web Management Interface version 101 Description An OS Command Injection vulnerability exists in the web-based Traceroute diagnostic utility. An authenticated...

9.3CVSS6.2AI score0.02432EPSS
Exploits1References7
CNNVD
CNNVD
added 2026/03/04 12:0 a.m.9 views

International Datacasting SFX Series SuperFlex Satellite Receiver Web management interface 安全漏洞

The International Datacasting SFX Series SuperFlex Satellite Receiver Web management interface is a web-based management backend for the satellite receiver devices produced by the International Datacasting company. Version 101 of the International Datacasting SFX Series SuperFlex Satellite Receiv...

6.1CVSS5.6AI score0.0021EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/04 12:0 a.m.6 views

International Datacasting SFX Series SuperFlex Satellite Receiver Web management interface 安全漏洞

The International Datacasting SFX Series SuperFlex Satellite Receiver Web management interface is a web-based management backend for the satellite receiver devices produced by the International Datacasting company. Version 101 of the International Datacasting SFX Series SuperFlex Satellite Receiv...

9.3CVSS5.8AI score0.02432EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.8 views

PT-2026-22877

Name of the Vulnerable Software and Affected Versions International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver versions prior to 5.8 Description An unauthenticated Remote Code Execution RCE issue exists in the SNMP service. The system insecurely configures the private SNMP...

10CVSS6.3AI score0.01199EPSS
Exploits1References9
Rows per page
Query Builder