Description
IDC SFX2100 Satalite Recievers set the `/etc/resolv.conf` file to be world-writable by any local user, allowing DNS resolver tampering that can redirect network communications, facilitate man-in-the-middle attacks, and cause denial of service.
Published: 2026-03-05
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Unprivileged modification of DNS configuration
Action: Patch ASAP
AI Analysis

Impact

The SFX2100 Satellite Receiver exposes a critical configuration file, /etc/resolv.conf, with world‑write permissions. This flaw permits any local user to overwrite the file, thereby controlling the DNS resolver settings. Such manipulation can redirect network traffic to malicious destinations, facilitate man‑in‑the‑middle attacks, or cause denial of service by disrupting DNS resolution.

Affected Systems

International Datacasting Corporation’s SFX2100 Satellite Receiver is affected. The vulnerability is present in firmware revisions that leave /etc/resolv.conf world‑writable; specific version ranges are not disclosed.

Risk and Exploitability

The CVSS base score of 7.1 indicates high severity, while the EPSS < 1% reflects a very low current exploitation probability. The flaw is not listed in CISA’s KEV catalog, suggesting no publicly known exploit at this time. Attackers would need local access to the device to modify the file, implying a local‑only vector, yet the impact remains significant if achieved.

Generated by OpenCVE AI on April 16, 2026 at 12:59 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Change the permissions on /etc/resolv.conf to allow writes only by the root user (e.g., chmod 644 or 640).
  • Restart or reload the networking or DNS resolver service to ensure the new permissions and configuration are active.
  • Apply any firmware update from International Datacasting Corporation that removes the world‑write permission on /etc/resolv.conf; if no update is available, consider restricting local user access or physically securing the device.

Generated by OpenCVE AI on April 16, 2026 at 12:59 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 11 Mar 2026 18:45:00 +0000

Type Values Removed Values Added
First Time appeared Datacast
Datacast sfx2100
Datacast sfx2100 Firmware
CPEs cpe:2.3:h:datacast:sfx2100:-:*:*:*:*:*:*:*
cpe:2.3:o:datacast:sfx2100_firmware:-:*:*:*:*:*:*:*
Vendors & Products Datacast
Datacast sfx2100
Datacast sfx2100 Firmware
Metrics cvssV3_1

{'score': 4.7, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H'}

Fri, 06 Mar 2026 15:30:00 +0000

Type Values Removed Values Added
First Time appeared International Datacasting Corporation
International Datacasting Corporation sfx2100 Satellite Receiver
Vendors & Products International Datacasting Corporation
International Datacasting Corporation sfx2100 Satellite Receiver

Thu, 05 Mar 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 05 Mar 2026 06:30:00 +0000

Type Values Removed Values Added
References

Thu, 05 Mar 2026 06:15:00 +0000

Type Values Removed Values Added
References

Thu, 05 Mar 2026 02:15:00 +0000

Type Values Removed Values Added
Description IDC SFX2100 Satalite Recievers set the `/etc/resolv.conf` file to be world-writable by any local user, allowing DNS resolver tampering that can redirect network communications, facilitate man-in-the-middle attacks, and cause denial of service.
Title IDC SFX2100 Satellite Receiver allows unprivileged modification of DNS configuration due to world-writable `/etc/resolv.conf`
Weaknesses CWE-732
References
Metrics cvssV4_0

{'score': 7.1, 'vector': 'CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:L/SI:L/SA:H'}

Subscriptions

Datacast Sfx2100 Sfx2100 Firmware
International Datacasting Corporation Sfx2100 Satellite Receiver
cve-icon MITRE

Status: PUBLISHED

Assigner: Gridware

Published:

Updated: 2026-03-05T16:38:06.199Z

Reserved: 2026-03-04T07:53:45.786Z

Link: CVE-2026-29125

cve-icon Vulnrichment

Updated: 2026-03-05T16:38:02.889Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-05T02:16:51.833

Modified: 2026-03-11T18:35:19.347

Link: CVE-2026-29125

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T13:00:11Z

Weaknesses