CVE-2017-20222

Telesquare SKT LTE Router SDT-CS3B1 software version 1.2.0 contains an unauthenticated remote reboot vulnerability that allows attackers to trigger device reboot without authentication. Attackers can send POST requests to the lte.cgi endpoint with the Command=Reboot parameter to cause denial of service by forcing the router to restart.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://cxsecurity.com/issue/WLB-2017120300	Exploit Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/136825	Third Party Advisory
https://packetstormsecurity.com/files/145555	Exploit Third Party Advisory
https://www.exploit-db.com/exploits/43401/	Exploit Third Party Advisory VDB Entry
https://www.vulncheck.com/advisories/telesquare-skt-lte-router-sdt-cs3b1-unauthenticated-remote-reboot	Third Party Advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5444.php	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:telesquare:sdt-cs3b1_firmware:1.2.0:*:*:*:*:*:*:*

cpe:2.3:h:telesquare:sdt-cs3b1:-:*:*:*:*:*:*:*

History

14 Apr 2026, 17:00

Type	Values Removed	Values Added
First Time		Telesquare Telesquare sdt-cs3b1 Firmware Telesquare sdt-cs3b1
Summary		(es) Telesquare SKT LTE Router SDT-CS3B1 versión de software 1.2.0 contiene una vulnerabilidad de reinicio remoto no autenticado que permite a los atacantes activar el reinicio del dispositivo sin autenticación. Los atacantes pueden enviar solicitudes POST al endpoint lte.cgi con el parámetro Command=Reboot para causar denegación de servicio al forzar el reinicio del router.
CPE		cpe:2.3:h:telesquare:sdt-cs3b1:-:::::::* cpe:2.3:o:telesquare:sdt-cs3b1_firmware:1.2.0:::::::*
References	~~() https://cxsecurity.com/issue/WLB-2017120300 -~~	() https://cxsecurity.com/issue/WLB-2017120300 - Exploit, Issue Tracking
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/136825 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/136825 - Third Party Advisory
References	~~() https://packetstormsecurity.com/files/145555 -~~	() https://packetstormsecurity.com/files/145555 - Exploit, Third Party Advisory
References	~~() https://www.exploit-db.com/exploits/43401/ -~~	() https://www.exploit-db.com/exploits/43401/ - Exploit, Third Party Advisory, VDB Entry
References	~~() https://www.vulncheck.com/advisories/telesquare-skt-lte-router-sdt-cs3b1-unauthenticated-remote-reboot -~~	() https://www.vulncheck.com/advisories/telesquare-skt-lte-router-sdt-cs3b1-unauthenticated-remote-reboot - Third Party Advisory
References	~~() https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5444.php -~~	() https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5444.php - Exploit, Third Party Advisory

16 Mar 2026, 14:17

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-16 14:17

Updated : 2026-04-14 17:00

NVD link : CVE-2017-20222

Mitre link : CVE-2017-20222

CVE.ORG link : CVE-2017-20222

JSON object : View

Products Affected

telesquare

sdt-cs3b1_firmware
sdt-cs3b1

CWE

CWE-306

Missing Authentication for Critical Function

7.5 /10