CVE-2026-28769

Name of the Vulnerable Software and Affected Versions International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver Web management portal version 101

Description A path traversal issue exists in the /IDC Logging/checkifdone.cgi script. An authenticated attacker can manipulate the file parameter to access arbitrary files on the system. This is due to insecure file path handling within the perl script. The vulnerability allows directory traversal, and the system confirms file existence through backup operation status.

Recommendations Update to a newer version that contains a fix for this vulnerability.