CVE-2026-29126

Incorrect permission assignment world-writable file in /etc/udhcpc/default.script in International Data Casting IDC SFX2100 Satellite Receiver allows a local unprivileged attacker to potentially execute arbitrary commands with root privileges local privilege escalation and persistence via...

EUVD-2026-9518

Incorrect permission assignment world-writable file in /etc/udhcpc/default.script in International Data Casting IDC SFX2100 Satellite Receiver allows a local unprivileged attacker to potentially execute arbitrary commands with root privileges local privilege escalation and persistence via...

CVE-2026-29126

Incorrect permission assignment world-writable file in /etc/udhcpc/default.script in International Data Casting IDC SFX2100 Satellite Receiver allows a local unprivileged attacker to potentially execute arbitrary commands with root privileges local privilege escalation and persistence via...

CVE-2026-29126

The CVE describes an issue in the International Data Casting (IDC) SFX2100 Satellite Receiver where a root-owned, world-writable /etc/udhcpc/default.script can be modified by a local unprivileged attacker. The script is executed on DHCP lease events, enabling local privilege escalation and persis...

CVE-2026-29126

Incorrect permission assignment world-writable file in /etc/udhcpc/default.script in International Data Casting IDC SFX2100 Satellite Receiver allows a local unprivileged attacker to potentially execute arbitrary commands with root privileges local privilege escalation and persistence via...

CVE-2026-29126 World-Writable, Root Owned/Run `/etc/udhcpc/default.script` in IDC SFX2100 Satellite Receiver Leads To Potential LPE

Incorrect permission assignment world-writable file in /etc/udhcpc/default.script in International Data Casting IDC SFX2100 Satellite Receiver allows a local unprivileged attacker to potentially execute arbitrary commands with root privileges local privilege escalation and persistence via...

CVE-2026-29125 IDC SFX2100 Satellite Receiver allows unprivileged modification of DNS configuration due to world-writable `/etc/resolv.conf`

IDC SFX2100 Satalite Recievers set the /etc/resolv.conf file to be world-writable by any local user, allowing DNS resolver tampering that can redirect network communications, facilitate man-in-the-middle attacks, and cause denial of service...

PT-2026-23122

Name of the Vulnerable Software and Affected Versions IDC SFX2100 Satellite Receiver affected versions not specified Description A misconfiguration involving incorrect permission assignment of a world-writable file, specifically /etc/udhcpc/default.script, exists. This allows a local, unprivilege...

EUVD-2018-12039

Malware in sbrugna...

EUVD-2000-0492

Malware in sbrugna...

EUVD-2021-29988

Malicious code in bioql PyPI...

GHSA-9GP8-6CG8-7H34 Spring Security's spring-security.xsd file is world writable

The spring-security.xsd file inside the spring-security-config jar is world writable which means that if it were extracted it could be written by anyone with access to the file system. While there are no known exploits, this is an example of “CWE-732: Incorrect Permission Assignment for Critical...

PT-2023-24653 · Spring · Spring Security

Name of the Vulnerable Software and Affected Versions: Spring Security versions prior to 5.8.7 Spring Security versions prior to 6.0.7 Spring Security versions prior to 6.1.4 Spring Security versions prior to 6.2.0-M1 Description: The spring-security.xsd file inside the spring-security-config jar...

CVE-2021-43034

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A world writable file allowed local users to execute arbitrary code as the user apache, leading to privilege escalation...

Privilege escalation

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A world writable file allowed local users to execute arbitrary code as the user apache, leading to privilege escalation...

Command injection

IBM Netezza Platform Software IBM PureData System for Analytics 1.0.0 could allow a local user to modify a world writable file, which could be used to execute commands as root. IBM X-Force ID: 140211...

CVE-2018-1460

IBM Netezza Platform Software IBM PureData System for Analytics 1.0.0 could allow a local user to modify a world writable file, which could be used to execute commands as root. IBM X-Force ID: 140211...

CVE-2018-1460

CVE-2018-1460 affects IBM Netezza Platform Software (IBM PureData System for Analytics) versions 7.0.4 through 7.2.1.6. A local attacker can modify a world-writable file to execute commands with root privileges, enabling local privilege escalation. IBM’s security bulletin confirms the vulnerabili...

Borland Interbase weak permissions

File /opt/interbase/admin.ib is world writable...

CVE-2000-0494

Veritas Volume Manager creates a world writable .serverpids file, which allows local users to add arbitrary commands into the file, which is then executed by the vmsaserver script...