CVE-2026-27751

EPSS 0.04%
Veröffentlicht 27.02.2026 18:07:58
Zuletzt bearbeitet 04.03.2026 02:08:00
Quelle disclosure@vulncheck.com
CVE-Watchlists
Login
Unerledigt
Login

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remote attackers to obtain administrative access to the management interface. Attackers can authenticate using the hardcoded default credentials without password change enforcement to gain full administrative control of the device.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Sodola-network ≫ Sl902-swtgw124as Firmware Version <= 200.1.20

Sodola-network ≫ Sl902-swtgw124as Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.111

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
disclosure@vulncheck.com	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
disclosure@vulncheck.com	9.3	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-1392 Use of Default Credentials

The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality.

https://www.sodola-network.com/products/sodola-6-port-2-5g-easy-web-managed-switch-4-x-2-5g-base-t-ports-2-x-10g-sfp-static-aggregation-qos-vlan-igmp-2-5gb-network-home-lab-switch

Product

https://www.vulncheck.com/advisories/sodola-sl902-swtgw124as-use-of-default-credentials

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2026-27751

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-27751

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-27751

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-27751