Security Advisory

CVE-2026-28776

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-04 07:34:30

Last updated 2026-03-05 05:59:08

Assigner Gridware

State PUBLISHED

Description

International Datacasting Corporation (IDC) SFX Series SuperFlex SatelliteReceiver contains hardcoded credentials for the `monitor` account. A remote unauthenticated attacker can use these trivial, undocumented credentials to access the system via SSH. While initially dropped into a restricted shell, the attacker can trivially break out to achieve standard shell functionality.

← Browse all CVEs View on cve.org ↗