平台
linux
组件
telesquare-sdt-cs3b1
修复版本
1.2.1
CVE-2017-20221 describes a cross-site request forgery (CSRF) vulnerability affecting the Telesquare SDT-CS3B1 LTE Router running version 1.2.0. This flaw allows authenticated attackers to execute arbitrary system commands on the router. The vulnerability stems from a lack of proper request validation, enabling malicious web pages to trigger administrative actions when visited by logged-in users. A firmware upgrade is the recommended solution.
An attacker exploiting this CSRF vulnerability can gain unauthorized access to the Telesquare SDT-CS3B1 LTE Router and execute arbitrary system commands with router privileges. This could lead to complete compromise of the device, including data exfiltration, configuration modification, and potentially, lateral movement within the network. The impact is particularly severe in environments where the router handles sensitive data or acts as a gateway to internal resources. Successful exploitation could allow an attacker to disrupt network services, intercept traffic, or even use the router as a launchpad for further attacks.
CVE-2017-20221 was published on March 16, 2026. There is no indication of active exploitation or KEV listing at this time. Public proof-of-concept code is not widely available, but the vulnerability's nature makes it relatively straightforward to exploit given authenticated access. The low CVSS score suggests a moderate exploitation probability.
Organizations utilizing the Telesquare SDT-CS3B1 LTE Router in industrial control systems, remote site connectivity, or any environment where the router handles sensitive data are at risk. Specifically, deployments relying on default configurations or lacking robust access controls are particularly vulnerable.
• linux / server:
journalctl -u telesquare_router | grep -i "csrf"• generic web:
curl -I <router_ip>/admin | grep -i "referer"disclosure
漏洞利用状态
EPSS
0.02% (5% 百分位)
CISA SSVC
CVSS 向量
The primary mitigation for CVE-2017-20221 is to upgrade the Telesquare SDT-CS3B1 LTE Router to a patched firmware version (unavailable at the time of writing). As an interim measure, implement a Web Application Firewall (WAF) with CSRF protection rules to filter out malicious requests. Additionally, enforce strong password policies and multi-factor authentication for router administrative accounts. Regularly review router logs for suspicious activity. Consider implementing network segmentation to limit the router's access to sensitive resources.
将 Telesquare SDT-CS3B1 路由器固件更新到已修复的版本,该版本实现了适当的请求验证以防止 CSRF 攻击。请参阅制造商的文档或其网站以获取有关可用固件更新的信息。
漏洞分析和关键警报直接发送到您的邮箱。
CVE-2017-20221 is a cross-site request forgery vulnerability in the Telesquare SDT-CS3B1 LTE Router version 1.2.0, allowing attackers to execute commands with router privileges.
You are affected if you are using the Telesquare SDT-CS3B1 LTE Router version 1.2.0 and have not upgraded to a patched firmware.
The recommended fix is to upgrade to a patched firmware version. Until then, implement WAF rules and strong access controls.
There is currently no public information indicating active exploitation of CVE-2017-20221.
Please refer to the Telesquare website for official advisories and updates regarding CVE-2017-20221.