CVE-2026-29126
HIGHInternational Data Casting SFX2100 Satellite Receiver - Local Privilege Escalation via World-Writable DHCP Event Script
Title source: llmDescription
Incorrect permission assignment (world-writable file) in /etc/udhcpc/default.script in International Data Casting (IDC) SFX2100 Satellite Receiver allows a local unprivileged attacker to potentially execute arbitrary commands with root privileges (local privilege escalation and persistence) via modification of a root-owned, world-writable BusyBox udhcpc DHCP event script, which is executed when a DHCP lease is obtained, renewed, or lost.
References (2)
Core 2
Core References
Various Sources
https://www.abdulmhsblog.com/posts/spfx-vulnrabilities/
Various Sources
https://www.abdulmhsblog.com/posts/sfx2100-vulns/
Scores
CVSS v3
7.8
EPSS
0.0014
EPSS Percentile
3.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-732
CWE-863
Status
published
Products (1)
datacast/sfx2100_firmware
Published
Mar 05, 2026
Tracked Since
Mar 05, 2026