What is the CVSS score of CVE-2026-28770?

CVE-2026-28770 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of Sfx2100 Firmware are affected by CVE-2026-28770?

A high-severity XML injection vulnerability affects IDC SFX Series SuperFlex Satellite Receiver web interfaces, allowing attackers to manipulate application logic and potentially access sensitive…

Is there a public PoC exploit available for CVE-2026-28770?

Yes, a public proof-of-concept exploit is available for CVE-2026-28770. Prioritise patching immediately. EPSS: 0.1%.

Sfx2100 Firmware CVE-2026-28770

HIGH

XML Injection (aka Blind XPath Injection) (CWE-91)

2026-03-04 b7efe717-a805-47cf-8e9a-921fca0ce0ce

XSS XXE Sfx2100 Firmware

8.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:05 vuln.today

PoC Detected

Mar 09, 2026 - 18:23 vuln.today

Public exploit code

CVE Published

Mar 04, 2026 - 07:16 nvd

HIGH 8.8

DescriptionNVD

Improper neutralization of special elements in the /IDC_Logging/checkifdone.cgi script in International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver Web management Interface version 101 allows for XML Injection. The application reflects un-sanitized user input from the file parameter directly into a CDATA block, allowing an authenticated attacker to break out of the tags and inject arbitrary XML elements. An actor is confirmed to be able to turn this into an reflected XSS but further abuse such as XXE may be possible

AnalysisAI

XML injection in the IDC SFX2100 satellite receiver web interface allows authenticated attackers to inject arbitrary XML elements and execute reflected cross-site scripting attacks through unsanitized input in the checkifdone.cgi script. Public exploit code exists for this vulnerability, and potential for more severe attacks such as XXE exploitation has not been ruled out. …

RemediationAI

Within 24 hours: Identify and inventory all IDC SFX Series SuperFlex Satellite Receiver devices in production; disable remote web management access or restrict to trusted networks only. Within 7 days: Implement WAF rules to block malicious XML payloads targeting /IDC_Logging/checkifdone.cgi; isolate affected devices to a segmented network with egress filtering. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-28770 vulnerability details – vuln.today

Back

Sfx2100 Firmware CVE-2026-28770

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code