Sodola-network Sl902-swtgw124as_firmware
8 CVEs affecting Sodola-network Sl902-swtgw124as_firmware. Latest disclosed: 2026-02-27. Critical: 2, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-27755 | Critical | 9.8 | 2026-02-27 | SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier generation vulnerability that allows attackers to forge authentica… |
CVE-2026-27751 | Critical | 9.8 | 2026-02-27 | SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remote attackers to obtain administrative ac… |
CVE-2026-27757 | High | 7.1 | 2026-02-27 | SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain an authentication vulnerability that allows authenticated users to change account passwords… |
CVE-2026-27754 | Medium | 6.5 | 2026-02-27 | SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 use the cryptographically broken MD5 hash function for session cookie generation, weakening session… |
CVE-2026-27753 | Medium | 6.5 | 2026-02-27 | SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain an authentication bypass vulnerability that allows remote attackers to perform unlimited log… |
CVE-2026-27756 | Medium | 6.1 | 2026-02-27 | SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a reflected cross-site scripting vulnerability in the management interface where user input… |
CVE-2026-27752 | Medium | 5.9 | 2026-02-27 | SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 transmit authentication credentials over unencrypted HTTP, allowing attackers to capture credentials… |
CVE-2026-27758 | Medium | 4.3 | 2026-02-27 | SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a cross-site request forgery vulnerability in its management interface that allows attackers… |