Sfx2100 Firmware
CVE-2026-28773
HIGH
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
The web-based Ping diagnostic utility (/IDC_Ping/main.cgi) in International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver Web Management Interface version 101 is vulnerable to OS Command Injection. The application insecurely parses the IPaddr parameter. An authenticated attacker can bypass server-side semicolon exclusion checks by using alternate shell metacharacters (such as the pipe | operator) to append and execute arbitrary shell commands with root privileges.
AnalysisAI
Authenticated attackers can execute arbitrary OS commands with root privileges on IDC SFX2100 satellite receivers through command injection in the web-based Ping utility, bypassing input filters by using alternate shell metacharacters like the pipe operator. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw affects the web management interface and allows complete system compromise for any authenticated user.
Technical ContextAI
Classified as CWE-78 (OS Command Injection). Affects Sfx2100 Firmware. The web-based Ping diagnostic utility (/IDC_Ping/main.cgi) in International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver Web Management Interface version 101 is vulnerable to OS Command Injection. The application insecurely parses the IPaddr parameter. An authenticated attacker can bypass server-side semicolon exclusion checks by using alternate shell metacharacters (such as the pipe | operator) to append and execute arbitrary shell commands with root privileges.
RemediationAI
Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.
More in Sfx2100 Firmware
View allPlaintext daemon credentials in IDC SFX2100 routing config files (zebra, bgpd, ospfd, ripd). CVSS 10.0. PoC available.
Hardcoded/insecure credentials in IDC SFX Series SuperFlex Satellite Receiver. Multiple accounts with known credentials
Authenticated attackers can achieve remote code execution with root privileges on IDC SFX2100 satellite receiver devices
XML injection in the IDC SFX2100 satellite receiver web interface allows authenticated attackers to inject arbitrary XML
The setuid bit on the /sbin/ip utility in IDC SFX2100 satellite receiver firmware allows local users to execute privileg
Sfx2100 Firmware versions up to - is affected by incorrect permission assignment for critical resource (CVSS 7.8).
Sfx2100 Satellite Receiver firmware contains multiple SUID root binaries in predictable locations that allow local privi
Local privilege escalation in IDC SFX2100 firmware affects Linux systems through a SUID binary vulnerable to PATH hijack
Local privilege escalation in IDC SFX2100 Satellite Receiver firmware occurs due to overly permissive file system permis
Authenticated users can exploit a path traversal vulnerability in the SFX2100 firmware's logging interface to enumerate
Reflected XSS in IDC SFX2100 Firmware's logging interface allows remote attackers to inject malicious scripts through th
The SFX2100 web management interface fails to sanitize the `cat` parameter in /index.cgi, enabling reflected XSS attacks
Same weakness CWE-78 – OS Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today