CVE-2026-29128

IDC SFX2100 Satellite Receiver bgpd/ospfd/ripd/zebra Config Credential Disclosure via World-Readable Files

CVSS 8.6 HIGHEPSS 0.3%CWE-522 CWE-798

Vexday Risk Score

21Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 8.6EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

05 Mar 2026Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

IDC SFX2100 Satellite Receiver firmware ships with multiple daemon configuration files for routing components (e.g., zebra, bgpd, ospfd, and ripd) that are owned by root but world-readable. The configuration files (e.g., zebra.conf, bgpd.conf, ospfd.conf, ripd.conf) contain hardcoded or otherwise insecure plaintext passwords (including “enable”/privileged-mode credentials). A remote actor is able to abuse the reuse/hardcoded nature of these credentials to further access other systems in the network, gain a foothold on the satellite receiver or potentially locally privilege escalate.

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N

Affected products

International Datacasting Corporation · SFX2100 Satellite Receiver

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.abdulmhsblog.com/posts/sfx2100-vulns/