CRITICAL🇵🇱 Wersja polska

CVE-2026-28775

CVSS 10.0v4.0pub. 2026-03-04upd. 2026-03-09

An unauthenticated Remote Code Execution (RCE) vulnerability exists in the SNMP service of International Datacasting Corporation (IDC) SFX Series SuperFlex SatelliteReceiver. The deployment insecurely provisions the `private` SNMP community string with read/write access by default. Because the SNMP agent runs as root, an unauthenticated remote attacker can utilize `NET-SNMP-EXTEND-MIB` directives, abusing the fact that the system runs a vulnerable version of net-snmp pre 5.8, to execute arbitrary operating system commands with root privileges.

🤖 AI Analysis
How it works

The device by default configures the community string 'private' with read and write access to the SNMP service, requiring no authentication beyond knowledge of this string. The SNMP agent runs with root privileges, and the device uses a vulnerable version of the net-snmp library older than 5.8. Attacker can exploit NET-SNMP-EXTEND-MIB directives to inject and execute arbitrary operating system commands via the SNMP protocol.

Impact

Attacker gains full control over the device with root privileges, allowing execution of arbitrary system commands, modification of configuration, installation of malicious software, or violation of confidentiality and integrity of satellite transmission.

Mitigation & patch

Patches available from the manufacturer should be applied according to references. As immediate actions, it is recommended to: change the default community string 'private' to a unique and strong string, restrict access to the SNMP service only to trusted IP addresses using ACL or firewall, disable the SNMP service if not required, and update the net-snmp library to version 5.8 or newer.

Who is affected

Firmware software of Datacast SFX2100 devices (IDC SFX Series SuperFlex Satellite Receiver) using vulnerable net-snmp version older than 5.8 with default community string 'private' configuration

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Datacast Sfx2100

    HW
    Datacast
    wszystkie wersje
  • Datacast Sfx2100 Firmware

    OS
    Datacast
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2026-29127CRITICAL9.2PL ✓ten sam produkt

IDC SFX2100: błędne uprawnienia katalogu umożliwiają privilege escalation

CVE-2026-28777CRITICAL9.2PL ✓ten sam produkt

Hardcoded hasło w urządzeniu IDC SFX2100 – nieautoryzowany dostęp SSH

CVE-2026-28774CRITICAL9.3PL ✓ten sam produkt

Command Injection w narzędziu Traceroute interfejsu IDC SFX2100

CVE-2026-28773CRITICAL9.3PL ✓ten sam produkt

Command injection w narzędziu diagnostycznym Ping urządzenia IDC SFX2100

CVE-2026-29120CRITICAL9.2PL ✓ten sam produkt

Hardcoded root password hash w firmware IDC SFX2100 — privilege escalation