Datacast Vulnerabilities
Comprehensive security vulnerability database for Datacast products
3
3
1
0
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2026-28775 | 10.0 | An attacker can remotely take complete control of the SFX Series SuperFlex Satellite Receiver because it allows unauthorized access to its SNMP service, which is set up insecurely with a default password that gives full access. This vulnerability requires no authentication, meaning anyone can exploit it to run any command on the device as if they were the system's administrator. | datacastsfx2100 firmware | Theoretical | about 1 month agoMar 4, 2026 |
| CVE-2026-28774 | 9.3 | This vulnerability allows an attacker with valid login credentials to run any command on the system with full administrative rights by manipulating a specific setting in the web-based Traceroute tool. If exploited, this could enable the attacker to take complete control of the device and potentially compromise the entire network. | datacastsfx2100 firmware | Theoretical | about 1 month agoMar 4, 2026 |
| CVE-2026-28773 | 9.3 | This vulnerability allows an attacker who is already logged into the web management interface of the SFX Series satellite receiver to run any command on the device with full root access. By cleverly using certain characters in the input, they can bypass security checks and execute malicious commands, potentially taking complete control of the system. | datacastsfx2100 firmware | Theoretical | about 1 month agoMar 4, 2026 |
About Datacast Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Datacast products. Our database is updated in real-time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.