← Back

CVE-2017-20222

nvd nist
Published: Mar 16, 2026Modified: Apr 14, 2026

JSON object

Loading...
8.7
Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Show more
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less
Source: disclosure@vulncheck.com (Secondary)

Description

Telesquare SKT LTE Router SDT-CS3B1 software version 1.2.0 contains an unauthenticated remote reboot vulnerability that allows attackers to trigger device reboot without authentication. Attackers can send POST requests to the lte.cgi endpoint with the Command=Reboot parameter to cause denial of service by forcing the router to restart.

Affected (1)

Telesquare
1 product
Sdt Cs3b1 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sdt Cs3b1 Firmware
Version 1.2.0
Running on/withPlatform Versions
Telesquare
Sdt Cs3b1
All versions

Related CWEs

CWE-306
Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

References (6)

Source: disclosure@vulncheck.com
ExploitIssue Tracking
Source: disclosure@vulncheck.com
Third Party Advisory
Source: disclosure@vulncheck.com
ExploitThird Party Advisory
Source: disclosure@vulncheck.com
ExploitThird Party AdvisoryVDB Entry
Source: disclosure@vulncheck.com
Third Party Advisory
Source: disclosure@vulncheck.com
ExploitThird Party Advisory

Timeline

No history available yet.