CVE-2017-20224
Awaiting Analysis - Queue
Arbitrary File Upload in Telesquare LTE Router Enables RCE

Publication date: 2026-03-16

Last updated on: 2026-04-14

Assigner: VulnCheck

Description
Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious content by exploiting enabled WebDAV HTTP methods. Attackers can use PUT, DELETE, MKCOL, MOVE, COPY, and PROPPATCH methods to upload executable code, delete files, or manipulate server content for remote code execution or denial of service.

Meta Information

Published: 2026-03-16
Last Modified: 2026-04-14
Generated: 2026-06-16
AI Q&A: 2026-03-16
EPSS Evaluated: 2026-06-14

Affected Vendors & Products

Vendor | Product | Version / Range
telesquare | sdt-cs3b1_firmware | 1.2.0

CWE ID | Description
CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

Executive Summary

CVE-2017-20224 is an arbitrary file upload vulnerability in the Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0. It arises because the router's WebDAV service is enabled and allows dangerous HTTP methods such as PUT, DELETE, MKCOL, MOVE, COPY, and PROPPATCH without authentication.

Attackers can exploit these methods to upload malicious executable files, delete or manipulate existing files, or create new files on the server. This can lead to remote code execution or denial of service conditions on the affected device. [1, 2, 3]

Detection Guidance

This vulnerability can be detected by checking if the WebDAV service on the Telesquare SKT LTE Router SDT-CS3B1 is enabled and if it allows dangerous HTTP methods such as PUT, DELETE, MKCOL, MOVE, COPY, and PROPPATCH.

You can use HTTP client tools like curl to test the availability of these methods. For example, to check if the PUT method is enabled, you can try uploading a harmless test file using a command like:

  • curl -X PUT --data-binary @testfile.txt http://[router-ip]/webdav/testfile.txt

Similarly, to check if DELETE is enabled, you can attempt to delete a file:

  • curl -X DELETE http://[router-ip]/webdav/testfile.txt

Additionally, scanning the router for enabled WebDAV methods and directory listing can help identify the vulnerability. Tools that enumerate HTTP methods or WebDAV-enabled paths (such as /webdav, /admin, /cgi-bin) can be used.

Mitigation Strategies

Immediate mitigation steps include disabling the WebDAV service or restricting the allowed HTTP methods to prevent unauthorized file uploads and deletions.

If disabling WebDAV is not possible, restrict access to the WebDAV interface by implementing network-level controls such as firewall rules to limit access only to trusted hosts.

Additionally, monitor the router for suspicious activity involving HTTP methods like PUT and DELETE, and apply firmware updates or patches from the vendor if they become available.
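
One way to do the monitoring described above, as an added example that is not from the advisory or the vendor: a Python filter over web access logs that flags the WebDAV write methods named in the description and separates requests the server carried out from ones it rejected. The log lines are constructed, and the common/combined log format is an assumption about a proxy or capture point in front of the router.

```python
import re
from collections import defaultdict

# Methods named in the CVE description as usable without authentication.
WEBDAV_WRITE_METHODS = {"PUT", "DELETE", "MKCOL", "MOVE", "COPY", "PROPPATCH"}

# Assumed log format: Apache/nginx "common"/"combined" style.
LINE_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def classify(status: int) -> str:
    """2xx (201, 204, 207, ...) means the server carried out the request."""
    return "accepted" if 200 <= status < 300 else "rejected"

def scan(lines):
    """Return {source_ip: [(method, path, status, verdict), ...]} for WebDAV writes."""
    findings = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] not in WEBDAV_WRITE_METHODS:
            continue  # skip unparseable lines and ordinary GET/POST traffic
        status = int(m["status"])
        findings[m["src"]].append((m["method"], m["path"], status, classify(status)))
    return dict(findings)

def accepted_sources(findings):
    """Sources with at least one accepted write: review what they changed."""
    return sorted(s for s, hits in findings.items()
                  if any(v == "accepted" for *_, v in hits))

# Constructed sample log lines (documentation address ranges, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [16/Mar/2026:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 512',
    '198.51.100.7 - - [16/Mar/2026:10:00:05 +0000] "PUT /webdav/testfile.txt HTTP/1.1" 201 0',
    '198.51.100.7 - - [16/Mar/2026:10:00:09 +0000] "DELETE /webdav/testfile.txt HTTP/1.1" 204 0',
    '203.0.113.44 - - [16/Mar/2026:10:02:13 +0000] "MKCOL /webdav/new/ HTTP/1.1" 405 0',
    'malformed line that should be skipped',
]

if __name__ == "__main__":
    results = scan(SAMPLE_LOG)
    for src, hits in results.items():
        for method, path, status, verdict in hits:
            print(f"{src} {method} {path} -> {status} ({verdict})")
    print("investigate:", accepted_sources(results))
```

A rejected request (for example 405) shows the method is blocked for that path; an accepted one means the file system was changed and the affected paths should be reviewed.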

Impact Analysis

This vulnerability can have severe impacts including unauthorized system access, remote code execution, denial of service (DoS), and exposure of sensitive system information.

  • Attackers can upload malicious executable code to the router, potentially taking full control of the device.
  • They can delete, move, overwrite, or create files, which may disrupt normal router operations or cause service outages.
  • The vulnerability can be exploited without any authentication, privileges, or user interaction, making it highly dangerous.
  • It can also facilitate phishing attacks by manipulating server content.