CVE-2017-20224
- EPSS 0.34%
- Veröffentlicht 16.03.2026 01:28:27
- Zuletzt bearbeitet 14.04.2026 16:52:32
Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious content by exploiting enabled WebDAV HTTP methods. Attackers can use PUT, DELETE, MKCOL, MOVE,...
CVE-2017-20223
- EPSS 0.07%
- Veröffentlicht 16.03.2026 01:28:26
- Zuletzt bearbeitet 14.04.2026 16:57:27
Telesquare SKT LTE Router SDT-CS3B1 firmware version 1.2.0 contains an insecure direct object reference vulnerability that allows attackers to bypass authorization and access resources by manipulating user-supplied input parameters. Attackers can dir...
CVE-2017-20222
- EPSS 0.22%
- Veröffentlicht 16.03.2026 01:28:25
- Zuletzt bearbeitet 14.04.2026 17:00:24
Telesquare SKT LTE Router SDT-CS3B1 software version 1.2.0 contains an unauthenticated remote reboot vulnerability that allows attackers to trigger device reboot without authentication. Attackers can send POST requests to the lte.cgi endpoint with th...
CVE-2017-20221
- EPSS 0.02%
- Veröffentlicht 16.03.2026 01:28:24
- Zuletzt bearbeitet 14.04.2026 17:29:56
Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains a cross-site request forgery vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting missing request validation. Attackers can craft malicious web...
- EPSS 93.88%
- Veröffentlicht 27.04.2022 13:15:09
- Zuletzt bearbeitet 21.11.2024 06:34:03
Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote attacker to execute OS commands without any authentication.
- EPSS 1.5%
- Veröffentlicht 21.06.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:45:22
Telesquare SDT-CS3B1 and SDT-CW3B1 devices through 1.2.0 have a default factory account. Remote attackers can obtain access to the device via TELNET using a hardcoded account.