CVE-2026-29126 - World-Writable, Root Owned/Run `/etc/udhcpc/default.script` in IDC SFX2100 Satel...

CVE ID : CVE-2026-29126 Published : March 5, 2026, 2:16 a.m. | 1 hour, 8 minutes ago Description : Incorrect permission assignment (world-writable file) in /etc/udhcpc/default.script in International Data Casting (IDC) SFX2100 Satellite Receiver allows a local unprivileged attacker to potentially execute arbitrary commands with root privileges (local privilege escalation and persistence) via modification of a root-owned, world-writable BusyBox udhcpc DHCP event script, which is executed when a DHCP lease is obtained, renewed, or lost. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...