
SDT-CS3B1 CVE-2017-20221

EUVD-2017-18936 · MEDIUM
Cross-Site Request Forgery (CSRF) (CWE-352)
2026-03-16 · VulnCheck
5.3 · CVSS 4.0 · NVD

Severity by source

NVD (primary): 5.3 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: X

Lifecycle Timeline

5 events:
Apr 14, 2026 - 17:37 (NVD): CVSS changed, 4.3 (MEDIUM) to 5.3 (MEDIUM)
Mar 16, 2026 - 14:53 (vuln.today): PoC Detected, public exploit code
Mar 16, 2026 - 02:00 (euvd): EUVD ID Assigned, EUVD-2017-18936
Mar 16, 2026 - 02:00 (vuln.today): Analysis Generated
Mar 16, 2026 - 01:28 (nvd): CVE Published, MEDIUM 4.3

Description (CVE.org)

Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains a cross-site request forgery vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting missing request validation. Attackers can craft malicious web pages that perform administrative actions when visited by logged-in users, enabling command execution with router privileges.

Analysis (AI)

A cross-site request forgery (CSRF) vulnerability exists in Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 that allows authenticated attackers to execute arbitrary system commands without additional validation. An attacker can craft a malicious webpage that, when visited by a logged-in router administrator, triggers unauthorized administrative actions with full router privileges. While the CVSS score of 4.3 is moderate and no active exploitation has been widely reported, the ability to achieve command execution on network infrastructure devices represents a meaningful risk to affected deployments.

Technical Context (AI)

The vulnerability stems from inadequate CSRF token validation in the router's web administration interface, classified under CWE-352 (Cross-Site Request Forgery). The Telesquare SDT-CS3B1 is an LTE gateway device running firmware version 1.2.0 that exposes administrative functions via HTTP requests without proper anti-CSRF mechanisms. When an authenticated user (typically the network administrator) is logged into the router's web interface, an attacker can embed forged requests in malicious HTML or JavaScript to perform state-changing operations. The absence of request origin validation, SameSite cookie attributes, or per-request CSRF tokens allows these cross-origin requests to execute with the victim's authenticated session context, effectively bypassing the authentication boundary that would normally protect administrative operations.
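The controls this paragraph names as missing (origin validation, a SameSite session cookie, an anti-CSRF token), sketched as a server-side check for state-changing requests. This is an added example, not Telesquare firmware code; the `csrf_token` field name, the admin origin and the secret are constructed for illustration, and the token here is bound to the session rather than regenerated per request.

```python
import hashlib
import hmac
from urllib.parse import urlsplit

# Constructed values for the example; a real device would generate its own secret.
SECRET = b"constructed-demo-secret"
ADMIN_ORIGIN = "http://192.168.1.1"

# Assumption: handlers for these methods never change device state.
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}


def issue_token(secret: bytes, session_id: str) -> str:
    """Anti-CSRF token: HMAC of the session id under a server-side secret."""
    return hmac.new(secret, session_id.encode(), hashlib.sha256).hexdigest()


def same_origin(headers: dict, expected_origin: str) -> bool:
    """Check Origin (Referer as fallback) against the admin UI's own origin."""
    source = headers.get("Origin") or headers.get("Referer")
    if not source:
        return False  # fail closed when the browser sends neither header
    parts = urlsplit(source)
    return f"{parts.scheme}://{parts.netloc}".lower() == expected_origin.lower()


def check_request(method, headers, session_id, form, secret, expected_origin):
    """Return (allowed, reason) for one request made with a session cookie."""
    if method.upper() in SAFE_METHODS:
        return True, "safe method"
    if not same_origin(headers, expected_origin):
        return False, "cross-origin or missing Origin/Referer"
    supplied = form.get("csrf_token", "")
    expected = issue_token(secret, session_id)
    # Constant-time comparison; bytes avoid a TypeError on non-ASCII input.
    if not hmac.compare_digest(supplied.encode(), expected.encode()):
        return False, "missing or invalid CSRF token"
    return True, "ok"


def session_cookie(session_id: str) -> str:
    """Set-Cookie value; SameSite=Strict keeps the cookie off cross-site requests."""
    return f"session={session_id}; Path=/; HttpOnly; SameSite=Strict"
```

A forged cross-site form post fails at the origin check, and a same-origin request without the token fails at the token check, so either control alone still blocks the request described above.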

Remediation (AI)

Immediately upgrade the SDT-CS3B1 router firmware to a patched version released by Telesquare after version 1.2.0; consult the vendor's support portal or contact Telesquare directly to obtain the latest firmware release and installation instructions. As an interim mitigation, restrict administrative web interface access to trusted internal IP addresses only using firewall rules, implement network segmentation to limit which users can access the router's management interface, enforce strong and unique passwords on all administrative accounts, and ensure administrator browsers are isolated from untrusted web content (e.g., via separate devices or virtual machines for administrative tasks). Additionally, monitor router access logs for suspicious administrative actions and consider implementing HTTP-only and Secure cookie flags if the router's settings allow.


CVE-2017-20221 vulnerability details – vuln.today
