Medium severity4.3NVD Advisory· Published Mar 16, 2026· Updated Apr 14, 2026

CVE-2017-20221

Description

Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains a cross-site request forgery vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting missing request validation. Attackers can craft malicious web pages that perform administrative actions when visited by logged-in users, enabling command execution with router privileges.

Affected products

Telesquare/Sdt Cs3b1 Firmware
cpe:2.3:o:telesquare:sdt-cs3b1_firmware:1.2.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/145550nvdExploitThird Party Advisory
www.exploit-db.com/exploits/43400/nvdExploitVDB Entry
www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5443.phpnvdExploitThird Party Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/136839nvdThird Party Advisory
www.vulncheck.com/advisories/telesquare-skt-lte-router-sdt-cs3b1-csrf-system-command-executionnvdThird Party Advisory
cxsecurity.com/issue/WLB-2017120299nvdIssue Tracking

News mentions

No linked articles in our index yet.

cvss	0.280
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000