← voltar
CVE-2017-20221

Telesquare SKT LTE Router SDT-CS3B1 CSRF System Command Execution

CVSS 5.3 MEDIUMEPSS 0.3%CWE-352
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 5.3EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
16 mar 2026Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains a cross-site request forgery vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting missing request validation. Attackers can craft malicious web pages that perform administrative actions when visited by logged-in users, enabling command execution with router privileges.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L
Produtos afetados
Telesquare · SDT-CS3B1

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://cxsecurity.com/issue/WLB-2017120299https://exchange.xforce.ibmcloud.com/vulnerabilities/136839https://packetstormsecurity.com/files/145550https://www.exploit-db.com/exploits/43400/https://www.vulncheck.com/advisories/telesquare-skt-lte-router-sdt-cs3b1-csrf-system-command-executionhttps://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5443.php