CVE-2017-20221 MEDIUM

CVE-2017-20221: Telesquare SKT LTE Router SDT-CS3B1 CSRF System Command Execution

Vendor Telesquare
Product SDT-CS3B1
Weakness CWE-352 · CSRF
Published March 16, 2026
Last update April 7, 2026
View on NVD All CVEs

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L

What the vulnerability does

01Description

Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains a cross-site request forgery vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting missing request validation. Attackers can craft malicious web pages that perform administrative actions when visited by logged-in users, enabling command execution with router privileges.

Key dates

02Disclosure timeline

March 16, 2026 CVE published
April 7, 2026 Record updated