{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-29125", "assignerOrgId": "b7efe717-a805-47cf-8e9a-921fca0ce0ce", "state": "PUBLISHED", "assignerShortName": "Gridware", "dateReserved": "2026-03-04T07:53:45.786Z", "datePublished": "2026-03-05T01:38:18.502Z", "dateUpdated": "2026-03-05T16:38:06.199Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "SFX2100 Satellite Receiver", "vendor": "International Datacasting Corporation", "versions": [{"status": "affected", "version": "SFX2100"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Abdul Mhanni"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "IDC SFX2100 Satalite Recievers set the `<code>/etc/resolv.conf` file to be world-</code>writable by any local user, allowing DNS resolver tampering that can redirect network communications, facilitate man-in-the-middle attacks, and cause denial of service."}], "value": "IDC SFX2100 Satalite Recievers set the `/etc/resolv.conf` file to be world-writable by any local user, allowing DNS resolver tampering that can redirect network communications, facilitate man-in-the-middle attacks, and cause denial of service."}], "impacts": [{"capecId": "CAPEC-598", "descriptions": [{"lang": "en", "value": "CAPEC-598 DNS Spoofing"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 7.1, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:L/SI:L/SA:H", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b7efe717-a805-47cf-8e9a-921fca0ce0ce", "shortName": "Gridware", "dateUpdated": "2026-03-05T05:57:22.264Z"}, "references": [{"url": "https://www.abdulmhsblog.com/posts/sfx2100-vulns/"}], "source": {"discovery": "UNKNOWN"}, "title": "IDC SFX2100 Satellite Receiver allows unprivileged modification of DNS configuration due to world-writable `/etc/resolv.conf`", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-05T16:37:58.841329Z", "id": "CVE-2026-29125", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-05T16:38:06.199Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-29125", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-05T16:37:58.841329Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-05T16:38:02.889Z"}}], "cna": {"title": "IDC SFX2100 Satellite Receiver allows unprivileged modification of DNS configuration due to world-writable `/etc/resolv.conf`", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Abdul Mhanni"}], "impacts": [{"capecId": "CAPEC-598", "descriptions": [{"lang": "en", "value": "CAPEC-598 DNS Spoofing"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.1, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:L/SI:L/SA:H", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "International Datacasting Corporation", "product": "SFX2100 Satellite Receiver", "versions": [{"status": "affected", "version": "SFX2100"}], "defaultStatus": "affected"}], "references": [{"url": "https://www.abdulmhsblog.com/posts/sfx2100-vulns/"}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "IDC SFX2100 Satalite Recievers set the `/etc/resolv.conf` file to be world-writable by any local user, allowing DNS resolver tampering that can redirect network communications, facilitate man-in-the-middle attacks, and cause denial of service.", "supportingMedia": [{"type": "text/html", "value": "IDC SFX2100 Satalite Recievers set the `<code>/etc/resolv.conf` file to be world-</code>writable by any local user, allowing DNS resolver tampering that can redirect network communications, facilitate man-in-the-middle attacks, and cause denial of service.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource"}]}], "providerMetadata": {"orgId": "b7efe717-a805-47cf-8e9a-921fca0ce0ce", "shortName": "Gridware", "dateUpdated": "2026-03-05T05:57:22.264Z"}}}, "cveMetadata": {"cveId": "CVE-2026-29125", "state": "PUBLISHED", "dateUpdated": "2026-03-05T16:38:06.199Z", "dateReserved": "2026-03-04T07:53:45.786Z", "assignerOrgId": "b7efe717-a805-47cf-8e9a-921fca0ce0ce", "datePublished": "2026-03-05T01:38:18.502Z", "assignerShortName": "Gridware"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:datacast:sfx2100_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7C57B6A9-CAF9-4C8A-85FC-562E16F291FE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:datacast:sfx2100:-:*:*:*:*:*:*:*", "matchCriteriaId": "2A3BC5C9-39D5-4908-B470-A46E9ECFD6AB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "IDC SFX2100 Satalite Recievers set the `/etc/resolv.conf` file to be world-writable by any local user, allowing DNS resolver tampering that can redirect network communications, facilitate man-in-the-middle attacks, and cause denial of service."}, {"lang": "es", "value": "Los receptores de sat\u00e9lite IDC SFX2100 configuran el archivo '/etc/resolv.conf' para que sea escribible por cualquier usuario local, permitiendo la manipulaci\u00f3n del resolvedor DNS que puede redirigir las comunicaciones de red, facilitar ataques man-in-the-middle y causar denegaci\u00f3n de servicio."}], "id": "CVE-2026-29125", "lastModified": "2026-03-11T18:35:19.347", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:L/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "b7efe717-a805-47cf-8e9a-921fca0ce0ce", "type": "Secondary"}]}, "published": "2026-03-05T02:16:51.833", "references": [{"source": "b7efe717-a805-47cf-8e9a-921fca0ce0ce", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.abdulmhsblog.com/posts/sfx2100-vulns/"}], "sourceIdentifier": "b7efe717-a805-47cf-8e9a-921fca0ce0ce", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-732"}], "source": "b7efe717-a805-47cf-8e9a-921fca0ce0ce", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "SFX2100"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "SFX2100 Satellite Receiver", "source": "cna", "vendor": "International Datacasting Corporation"}, "product": "sfx2100_satellite_receiver", "vendor": "international_datacasting_corporation"}], "analysis": {"en": {"generated_at": "2026-04-16T12:59:11.638272+00:00", "value": {"mitigation_remediation": ["Change the permissions on /etc/resolv.conf to allow writes only by the root user (e.g., chmod 644 or 640).", "Restart or reload the networking or DNS resolver service to ensure the new permissions and configuration are active.", "Apply any firmware update from International Datacasting Corporation that removes the world\u2011write permission on /etc/resolv.conf; if no update is available, consider restricting local user access or physically securing the device."], "summary": {"action": "Patch ASAP", "impact": "Unprivileged modification of DNS configuration"}, "threat_synthesis": {"affected_systems": "International Datacasting Corporation\u2019s SFX2100 Satellite Receiver is affected. The vulnerability is present in firmware revisions that leave /etc/resolv.conf world\u2011writable; specific version ranges are not disclosed.", "description_and_impact": "The SFX2100 Satellite Receiver exposes a critical configuration file, /etc/resolv.conf, with world\u2011write permissions. This flaw permits any local user to overwrite the file, thereby controlling the DNS resolver settings. Such manipulation can redirect network traffic to malicious destinations, facilitate man\u2011in\u2011the\u2011middle attacks, or cause denial of service by disrupting DNS resolution.", "risk_and_exploitability": "The CVSS base score of 7.1 indicates high severity, while the EPSS < 1% reflects a very low current exploitation probability. The flaw is not listed in CISA\u2019s KEV catalog, suggesting no publicly known exploit at this time. Attackers would need local access to the device to modify the file, implying a local\u2011only vector, yet the impact remains significant if achieved."}}}}, "created": "2026-03-06T15:18:00.603584+00:00", "updated": "2026-04-16T13:00:11.092469+00:00", "vendors": ["international_datacasting_corporation", "international_datacasting_corporation$PRODUCT$sfx2100_satellite_receiver"]}