CVE-2026-29125
World-Writable /etc/resolv.conf in IDC SFX2100 Enables DNS Tampering
Publication date: 2026-03-05
Last updated on: 2026-03-11
Assigner: Gridware
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| datacast | sfx2100_firmware | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-732 | The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in IDC SFX2100 Satellite Receivers involves the system setting the /etc/resolv.conf file to be world-writable by any local user.
This misconfiguration allows any local user to modify the DNS resolver settings, which can lead to DNS resolver tampering.
As a result, attackers can redirect network communications, perform man-in-the-middle attacks, or cause denial of service.
How can this vulnerability impact me? :
This vulnerability can impact you by allowing unauthorized local users to alter DNS settings, which can redirect your network traffic to malicious destinations.
Such redirection can facilitate man-in-the-middle attacks, where attackers intercept or manipulate your communications.
Additionally, it can cause denial of service by disrupting normal network resolution processes.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves the /etc/resolv.conf file being set to world-writable by any local user, which can allow DNS resolver tampering.
To detect this vulnerability on your system, you can check the permissions of the /etc/resolv.conf file to see if it is world-writable.
- Run the command: ls -l /etc/resolv.conf
- If the permissions show 'rw-rw-rw-' or similar (i.e., others have write permission), the file is world-writable and vulnerable.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, you should immediately remove the world-writable permission from the /etc/resolv.conf file.
- Run the command: chmod 644 /etc/resolv.conf
This sets the file permissions to be writable only by the owner (usually root), preventing unauthorized local users from tampering with DNS resolver settings.
Additionally, review and monitor the permissions of this file regularly to ensure it remains secure.