プラットフォーム
linux
コンポーネント
telesquare-sdt-cs3b1
修正版
1.2.1
CVE-2017-20221 describes a cross-site request forgery (CSRF) vulnerability affecting the Telesquare SDT-CS3B1 LTE Router running version 1.2.0. This flaw allows authenticated attackers to execute arbitrary system commands on the router. The vulnerability stems from a lack of proper request validation, enabling malicious web pages to trigger administrative actions when visited by logged-in users. A firmware upgrade is the recommended solution.
An attacker exploiting this CSRF vulnerability can gain unauthorized access to the Telesquare SDT-CS3B1 LTE Router and execute arbitrary system commands with router privileges. This could lead to complete compromise of the device, including data exfiltration, configuration modification, and potentially, lateral movement within the network. The impact is particularly severe in environments where the router handles sensitive data or acts as a gateway to internal resources. Successful exploitation could allow an attacker to disrupt network services, intercept traffic, or even use the router as a launchpad for further attacks.
CVE-2017-20221 was published on March 16, 2026. There is no indication of active exploitation or KEV listing at this time. Public proof-of-concept code is not widely available, but the vulnerability's nature makes it relatively straightforward to exploit given authenticated access. The low CVSS score suggests a moderate exploitation probability.
Organizations utilizing the Telesquare SDT-CS3B1 LTE Router in industrial control systems, remote site connectivity, or any environment where the router handles sensitive data are at risk. Specifically, deployments relying on default configurations or lacking robust access controls are particularly vulnerable.
• linux / server:
journalctl -u telesquare_router | grep -i "csrf"• generic web:
curl -I <router_ip>/admin | grep -i "referer"disclosure
エクスプロイト状況
EPSS
0.02% (5% パーセンタイル)
CISA SSVC
CVSS ベクトル
The primary mitigation for CVE-2017-20221 is to upgrade the Telesquare SDT-CS3B1 LTE Router to a patched firmware version (unavailable at the time of writing). As an interim measure, implement a Web Application Firewall (WAF) with CSRF protection rules to filter out malicious requests. Additionally, enforce strong password policies and multi-factor authentication for router administrative accounts. Regularly review router logs for suspicious activity. Consider implementing network segmentation to limit the router's access to sensitive resources.
Telesquare SDT-CS3B1 ルーターのファームウェアを、CSRF攻撃を防ぐために適切なリクエスト検証を実装した修正バージョンにアップデートしてください。 利用可能なファームウェアアップデートについては、製造元のドキュメントまたはWebサイトを参照してください。
脆弱性分析と重要アラートをメールでお届けします。
CVE-2017-20221 is a cross-site request forgery vulnerability in the Telesquare SDT-CS3B1 LTE Router version 1.2.0, allowing attackers to execute commands with router privileges.
You are affected if you are using the Telesquare SDT-CS3B1 LTE Router version 1.2.0 and have not upgraded to a patched firmware.
The recommended fix is to upgrade to a patched firmware version. Until then, implement WAF rules and strong access controls.
There is currently no public information indicating active exploitation of CVE-2017-20221.
Please refer to the Telesquare website for official advisories and updates regarding CVE-2017-20221.