{"uuid": "653d849b-6365-462a-b068-bfcaa704bc62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2026-28774", "type": "seen", "source": "https://t.me/cKure/16019", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 CVE-2026-28774\nAn OS Command Injection vulnerability exists in the web-based Traceroute diagnostic utility of International Datacasting Corporation (IDC) SFX Series SuperFlex SatelliteReceiver Web Management Interface version 101. An authenticated attacker can inject arbitrary shell metacharacters (such as the pipe | operator) into the flags parameter, leading to the execution of arbitrary operating system commands with root privileges.", "creation_timestamp": "2026-03-04T09:13:02.000000Z"}