{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2017-20224", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-03-15T21:57:29.608Z", "datePublished": "2026-03-16T01:28:27.434Z", "dateUpdated": "2026-03-16T14:20:16.427Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-16T01:28:27.434Z"}, "title": "Telesquare SKT LTE Router SDT-CS3B1 WebDAV Arbitrary File Upload", "descriptions": [{"lang": "en", "value": "Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious content by exploiting enabled WebDAV HTTP methods. Attackers can use PUT, DELETE, MKCOL, MOVE, COPY, and PROPPATCH methods to upload executable code, delete files, or manipulate server content for remote code execution or denial of service."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Unrestricted Upload of File with Dangerous Type", "cweId": "CWE-434", "type": "CWE"}]}], "affected": [{"vendor": "Telesquare", "product": "SDT-CS3B1", "versions": [{"version": "1.2.0", "status": "affected"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:telesquare:sdt-cs3b1_firmware:1.2.0:*:*:*:*:*:*:*"}, {"vulnerable": true, "criteria": "cpe:2.3:o:telesquare:sdt-cs3b1_firmware:1.1.0:*:*:*:*:*:*:*"}]}]}, {"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:h:telesquare:sdt-cs3b1:-:*:*:*:*:*:*:*"}]}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5446.php", "name": "Zero Science Lab Disclosure", "tags": ["third-party-advisory"]}, {"url": "https://cxsecurity.com/issue/WLB-2017120301", "name": "CXSecurity", "tags": ["third-party-advisory"]}, {"name": "VulnCheck Advisory: Telesquare SKT LTE Router SDT-CS3B1 WebDAV Arbitrary File Upload", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/telesquare-skt-lte-router-sdt-cs3b1-webdav-arbitrary-file-upload"}], "credits": [{"lang": "en", "value": "LiquidWorm as Gjoko Krstic of Zero Science Lab", "type": "finder"}], "x_generator": {"engine": "vulncheck"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2017-20224", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-16T14:09:03.093568Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T14:20:16.427Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2017-20224", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-16T14:09:03.093568Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T14:16:59.123Z"}}], "cna": {"title": "Telesquare SKT LTE Router SDT-CS3B1 WebDAV Arbitrary File Upload", "credits": [{"lang": "en", "type": "finder", "value": "LiquidWorm as Gjoko Krstic of Zero Science Lab"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Telesquare", "product": "SDT-CS3B1", "versions": [{"status": "affected", "version": "1.2.0"}]}], "references": [{"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5446.php", "name": "Zero Science Lab Disclosure", "tags": ["third-party-advisory"]}, {"url": "https://cxsecurity.com/issue/WLB-2017120301", "name": "CXSecurity", "tags": ["third-party-advisory"]}, {"url": "https://www.vulncheck.com/advisories/telesquare-skt-lte-router-sdt-cs3b1-webdav-arbitrary-file-upload", "name": "VulnCheck Advisory: Telesquare SKT LTE Router SDT-CS3B1 WebDAV Arbitrary File Upload", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious content by exploiting enabled WebDAV HTTP methods. Attackers can use PUT, DELETE, MKCOL, MOVE, COPY, and PROPPATCH methods to upload executable code, delete files, or manipulate server content for remote code execution or denial of service."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-434", "description": "Unrestricted Upload of File with Dangerous Type"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:telesquare:sdt-cs3b1_firmware:1.2.0:*:*:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:o:telesquare:sdt-cs3b1_firmware:1.1.0:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:telesquare:sdt-cs3b1:-:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-16T01:28:27.434Z"}}}, "cveMetadata": {"cveId": "CVE-2017-20224", "state": "PUBLISHED", "dateUpdated": "2026-03-16T14:20:16.427Z", "dateReserved": "2026-03-15T21:57:29.608Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-03-16T01:28:27.434Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:telesquare:sdt-cs3b1_firmware:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "1CB1EF95-F220-467F-903C-0727F5250CF2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:telesquare:sdt-cs3b1:-:*:*:*:*:*:*:*", "matchCriteriaId": "81DED0D5-BDBB-4310-BD2D-0F4ED27B274B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious content by exploiting enabled WebDAV HTTP methods. Attackers can use PUT, DELETE, MKCOL, MOVE, COPY, and PROPPATCH methods to upload executable code, delete files, or manipulate server content for remote code execution or denial of service."}, {"lang": "es", "value": "El router Telesquare SKT LTE SDT-CS3B1 versi\u00f3n 1.2.0 contiene una vulnerabilidad de carga arbitraria de archivos que permite a atacantes no autenticados cargar contenido malicioso explotando m\u00e9todos HTTP WebDAV habilitados. Los atacantes pueden usar los m\u00e9todos PUT, DELETE, MKCOL, MOVE, COPY y PROPPATCH para cargar c\u00f3digo ejecutable, eliminar archivos o manipular el contenido del servidor para la ejecuci\u00f3n remota de c\u00f3digo o la denegaci\u00f3n de servicio."}], "id": "CVE-2017-20224", "lastModified": "2026-04-14T16:52:32.510", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-03-16T14:17:52.560", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Exploit", "Issue Tracking"], "url": "https://cxsecurity.com/issue/WLB-2017120301"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://www.vulncheck.com/advisories/telesquare-skt-lte-router-sdt-cs3b1-webdav-arbitrary-file-upload"}, {"source": "disclosure@vulncheck.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5446.php"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.2.0"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "SDT-CS3B1", "source": "cna", "vendor": "Telesquare"}, "product": "sdt-cs3b1", "vendor": "telesquare"}], "analysis": {"en": {"generated_at": "2026-03-22T14:50:00.029054+00:00", "value": {"mitigation_remediation": ["Update the router firmware to a version that removes the vulnerable WebDAV functionality, if a patched release is available from Telesquare.", "If no firmware update is possible, disable all WebDAV HTTP methods (PUT, DELETE, MKCOL, MOVE, COPY, PROPPATCH) on the device or block them through a firewall rule.", "Verify that remote management interfaces are secured and that only authenticated users can access configuration ports."], "summary": {"action": "Immediate Patch", "impact": "Arbitrary file upload that can lead to remote code execution or denial of service"}, "threat_synthesis": {"affected_systems": "The vulnerability applies to the Telesquare SDT\u2011CS3B1 LTE Router, specifically firmware versions 1.1.0 and 1.2.0. Any deployment of these firmware releases is affected unless mitigated by configuration changes.", "description_and_impact": "Unauthenticated attackers can exploit enabled WebDAV HTTP methods on the Telesquare SDT\u2011CS3B1 router to upload arbitrary files, delete or move existing ones, and manipulate server content. By uploading executable code the attacker can achieve remote code execution, while improper handling of file operations can also lead to denial of service. The weakness corresponds to CWE\u2011434 (Unrestricted Upload of File with Dangerous Type).", "risk_and_exploitability": "The CVSS base score is 9.3, indicating a high severity vulnerability. The EPSS score is below 1%, suggesting that while exploitation is possible it is not widely observed. The issue is not listed in the CISA KEV catalog, so no known active exploitation has yet been publicized. The attack path requires no authentication and relies on standard WebDAV methods such as PUT, DELETE, MKCOL, MOVE, COPY, and PROPPATCH, making the vulnerability readily exploitable in the presence of enabled WebDAV functionality."}}}}, "created": "2026-03-16T09:58:38.555218+00:00", "updated": "2026-03-23T14:00:44.594258+00:00", "vendors": ["telesquare", "telesquare$PRODUCT$sdt-cs3b1"]}