CVE-2026-28777
International Datacasting Corporation (IDC)
SFX2100 Satellite Receiver, trivial password for the `user` (usr) account.
International Datacasting Corporation (IDC) SFX2100 Satellite Receiver, trivial password for the user (usr) account. A remote unauthenticated attacker can exploit this to gain unauthorized SSH access to the system, while intially dropped into a restricted shell, an attacker can trivially spawn a complete pty to gain an appropriately interactive shell.
CRITICAL · CVSS 9.8
EPSS 0.00435
Act now
- Public exploit or PoC is available
- SSVC automatable: yes - attacks can be scripted at scale
- CVSS base score ≥ 7.0
Sigma rules0
YARA rules0