Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains a cross-site request forgery vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting missing request validation. Attackers can craft malicious web pages that perform administrative actions when visited by logged-in users, enabling command execution with router privileges.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Telesquare |
|
No data.
No data.
No data.
References
History
Mon, 16 Mar 2026 01:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains a cross-site request forgery vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting missing request validation. Attackers can craft malicious web pages that perform administrative actions when visited by logged-in users, enabling command execution with router privileges. | |
| Title | Telesquare SKT LTE Router SDT-CS3B1 CSRF System Command Execution | |
| First Time appeared |
Telesquare
Telesquare sdt-cs3b1 Telesquare sdt-cs3b1 Firmware |
|
| Weaknesses | CWE-352 | |
| CPEs | cpe:2.3:h:telesquare:sdt-cs3b1:-:*:*:*:*:*:*:* cpe:2.3:o:telesquare:sdt-cs3b1_firmware:1.1.0:*:*:*:*:*:*:* cpe:2.3:o:telesquare:sdt-cs3b1_firmware:1.2.0:*:*:*:*:*:*:* |
|
| Vendors & Products |
Telesquare
Telesquare sdt-cs3b1 Telesquare sdt-cs3b1 Firmware |
|
| References |
|
|
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: VulnCheck
Published:
Updated: 2026-03-16T01:28:24.978Z
Reserved: 2026-03-15T21:54:37.665Z
Link: CVE-2017-20221
Vulnrichment
No data.
NVD
No data.
Redhat
No data.
OpenCVE Enrichment
No data.