Vulnerability Details CVE-2017-20222
Telesquare SKT LTE Router SDT-CS3B1 software version 1.2.0 contains an unauthenticated remote reboot vulnerability that allows attackers to trigger device reboot without authentication. Attackers can send POST requests to the lte.cgi endpoint with the Command=Reboot parameter to cause denial of service by forcing the router to restart.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.3%
CVSS Severity
CVSS v3 Score 7.5
References
- https://cxsecurity.com/issue/WLB-2017120300
- https://exchange.xforce.ibmcloud.com/vulnerabilities/136825
- https://packetstormsecurity.com/files/145555
- https://www.exploit-db.com/exploits/43401/
- https://www.vulncheck.com/advisories/telesquare-skt-lte-router-sdt-cs3b1-unauthenticated-remote-reboot
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5444.php
Products affected by CVE-2017-20222
-
cpe:2.3:h:telesquare:sdt-cs3b1:-
-
cpe:2.3:o:telesquare:sdt-cs3b1_firmware:1.2.0