47 matches found
CVE-2017-20224
Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious content by exploiting enabled WebDAV HTTP methods. Attackers can use PUT, DELETE, MKCOL, MOVE, COPY, and PROPPATCH methods to upload executab...
EUVD-2017-18938
Telesquare SKT LTE Router SDT-CS3B1 software version 1.2.0 contains an unauthenticated remote reboot vulnerability that allows attackers to trigger device reboot without authentication. Attackers can send POST requests to the lte.cgi endpoint with the Command=Reboot parameter to cause denial of...
EUVD-2017-18936
Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains a cross-site request forgery vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting missing request validation. Attackers can craft malicious web pages that perform administrative actions when...
CVE-2017-20224
Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious content by exploiting enabled WebDAV HTTP methods. Attackers can use PUT, DELETE, MKCOL, MOVE, COPY, and PROPPATCH methods to upload executab...
CVE-2017-20222
Telesquare SKT LTE Router SDT-CS3B1 software version 1.2.0 contains an unauthenticated remote reboot vulnerability that allows attackers to trigger device reboot without authentication. Attackers can send POST requests to the lte.cgi endpoint with the Command=Reboot parameter to cause denial of...
CVE-2017-20221
Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains a cross-site request forgery vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting missing request validation. Attackers can craft malicious web pages that perform administrative actions when...
CVE-2017-20224 Telesquare SKT LTE Router SDT-CS3B1 WebDAV Arbitrary File Upload
Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious content by exploiting enabled WebDAV HTTP methods. Attackers can use PUT, DELETE, MKCOL, MOVE, COPY, and PROPPATCH methods to upload executab...
CVE-2017-20224
CVE-2017-20224 affects Telesquare SKT LTE Router SDT-CS3B1 1.2.0. The issue is an arbitrary file upload vulnerability via enabled WebDAV HTTP methods (PUT, DELETE, MKCOL, MOVE, COPY, PROPPATCH) that allows unauthenticated attackers to upload executable code and manipulate server content, potentia...
CVE-2017-20223 Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference
Telesquare SKT LTE Router SDT-CS3B1 firmware version 1.2.0 contains an insecure direct object reference vulnerability that allows attackers to bypass authorization and access resources by manipulating user-supplied input parameters. Attackers can directly reference objects in the system to retrie...
CVE-2017-20222
CVE-2017-20222 affects Telesquare SKT LTE Router SDT-CS3B1 (software version 1.2.0). The issue is an unauthenticated remote reboot: sending POST to /lte.cgi with Command=Reboot triggers a device reboot and denial of service. Documented impact is reboot denial of service; CVSS scores at 7.5 (3.1) ...
CVE-2017-20222 Telesquare SKT LTE Router SDT-CS3B1 Unauthenticated Remote Reboot
Telesquare SKT LTE Router SDT-CS3B1 software version 1.2.0 contains an unauthenticated remote reboot vulnerability that allows attackers to trigger device reboot without authentication. Attackers can send POST requests to the lte.cgi endpoint with the Command=Reboot parameter to cause denial of...
CVE-2017-20221 Telesquare SKT LTE Router SDT-CS3B1 CSRF System Command Execution
Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains a cross-site request forgery vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting missing request validation. Attackers can craft malicious web pages that perform administrative actions when...
CVE-2017-20221
The connected docs confirm a CSRF vulnerability in Telesquare SKT LTE Router SDT-CS3B1 (fw v1.2.0). Authenticated attackers can abuse missing request validation to cause arbitrary system command execution with router privileges by visiting a malicious page that triggers administrative actions. Th...
CVE-2017-20221 Telesquare SKT LTE Router SDT-CS3B1 CSRF System Command Execution
Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains a cross-site request forgery vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting missing request validation. Attackers can craft malicious web pages that perform administrative actions when...
CVE-2017-20221
Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains a cross-site request forgery vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting missing request validation. Attackers can craft malicious web pages that perform administrative actions when...
Telesquare SKT LTE Router SDT-CS3B1 代码问题漏洞
The Telesquare SKT LTE Router SDT-CS3B1 is a wireless router produced by the South Korean company Telesquare. Version 1.2.0 of the Telesquare SKT LTE Router SDT-CS3B1 contains a code vulnerability. This vulnerability stems from an arbitrary file upload vulnerability, which could allow...
PT-2026-25741
Telesquare SKT LTE Router SDT-CS3B1 firmware version 1.2.0 contains an insecure direct object reference vulnerability that allows attackers to bypass authorization and access resources by manipulating user-supplied input parameters. Attackers can directly reference objects in the system to retrie...
Telesquare SKT LTE Router SDT-CS3B1 访问控制错误漏洞
The Telesquare SKT LTE Router SDT-CS3B1 is a wireless router produced by the South Korean company Telesquare. Version 1.2.0 of the Telesquare SKT LTE Router SDT-CS3B1 contains an access control vulnerability. This vulnerability stems from a remote restart vulnerability that lacks authentication,...
Exploit for OS Command Injection in Telesquare Sdt-Cs3B1_Firmware
PoC exploit for CVE-2021-46422, an operating system command inje...
Exploit for OS Command Injection in Telesquare Sdt-Cs3B1_Firmware
C...