CVE-2017-20222

HIGH

Telesquare SKT LTE Router SDT-CS3B1 Unauthenticated Remote Reboot

Title source: cna

Description

Telesquare SKT LTE Router SDT-CS3B1 software version 1.2.0 contains an unauthenticated remote reboot vulnerability that allows attackers to trigger device reboot without authentication. Attackers can send POST requests to the lte.cgi endpoint with the Command=Reboot parameter to cause denial of service by forcing the router to restart.

Exploits (1)

exploitdb WORKING POC

by LiquidWorm · pythondoshardware

https://www.exploit-db.com/exploits/43401

View Code ZIP pw:eip

References (6)

[Third Party Advisory] https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5444.php

[Third Party Advisory] https://cxsecurity.com/issue/WLB-2017120300

[Exploit] https://packetstormsecurity.com/files/145555

[Exploit] https://www.exploit-db.com/exploits/43401/

[Vdb Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/136825

[Third Party Advisory] https://www.vulncheck.com/advisories/telesquare-skt-lte-router-sdt-cs3b1-unauthenticated-remote-reboot

Scores

CVSS v3 7.5

EPSS 0.0010

EPSS Percentile 26.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-306

Status published

Products (2)

Telesquare/SDT-CS3B1 1.2.0

telesquare/sdt-cs3b1_firmware 1.2.0

Published Mar 16, 2026

Tracked Since Mar 16, 2026