CVE-2026-29128

IDC SFX2100 Satellite Receiver bgpd/ospfd/ripd/zebra Config Credential Disclosure via World-Readable Files

Assigner: Gridware
Reserved: 04.03.2026 Published: 05.03.2026 Updated: 05.03.2026

IDC SFX2100 Satellite Receiver firmware ships with multiple daemon configuration files for routing components (e.g., zebra, bgpd, ospfd, and ripd) that are owned by root but world-readable. The configuration files (e.g., zebra.conf, bgpd.conf, ospfd.conf, ripd.conf) contain hardcoded or otherwise insecure plaintext passwords (including “enable”/privileged-mode credentials). A remote actor is able to abuse the reuse/hardcoded nature of these credentials to further access other systems in the network, gain a foothold on the satellite receiver or potentially locally privilege escalate.

Metrics

CVSS Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
CVSS Score: 8.6

Exploitability Metrics		Vulnerable System Impact Metrics		Subsequent System Impact Metrics
Attack Vector	Local	Confidentiality	High	Confidentiality	High
Attack Complexity	High	Integrity	High	Integrity	High
Attack Requirements	Present	Availability	None	Availability	None
Privileges Required	Low
User Interaction	None

CVSS 4.0

Product Status

Vendor	International Datacasting Corporation
Product	SFX2100 Satellite Receiver
Versions	Default: affected Version SFX2100 is affected

Vendor

International Datacasting Corporation

Product

SFX2100 Satellite Receiver

Versions

Default: affected

Version SFX2100 is affected

Credits

Abdul Mhanni finder

References

Problem Types

CWE-522 Insufficiently Protected Credentials CWE
CWE-798 Use of Hard-coded Credentials CWE

Impacts

CAPEC-122 Privilege Abuse