CVE-2026-29125

MEDIUM

IDC SFX2100 - Privilege Escalation

Title source: llm

Description

IDC SFX2100 Satalite Recievers set the `/etc/resolv.conf` file to be world-writable by any local user, allowing DNS resolver tampering that can redirect network communications, facilitate man-in-the-middle attacks, and cause denial of service.

References (2)

[Various Sources] https://www.abdulmhsblog.com/posts/spfx-vulnrabilities/

[Various Sources] https://www.abdulmhsblog.com/posts/sfx2100-vulns/

Scores

CVSS v3 4.7

EPSS 0.0001

EPSS Percentile 3.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-732

Status published

Products (1)

datacast/sfx2100_firmware

Published Mar 05, 2026

Tracked Since Mar 05, 2026