Sodola-network

Sl902-swtgw124as Firmware

8 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2026-27758

  • EPSS 0.01%
  • Veröffentlicht 27.02.2026 18:11:35
  • Zuletzt bearbeitet 03.03.2026 19:08:51

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a cross-site request forgery vulnerability in its management interface that allows attackers to induce authenticated users into submitting forged requests. Attackers can craft malicio...

7.2

CVE-2026-27757

  • EPSS 0.04%
  • Veröffentlicht 27.02.2026 18:11:05
  • Zuletzt bearbeitet 03.03.2026 19:09:01

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain an authentication vulnerability that allows authenticated users to change account passwords without verifying the current password. Attackers who gain access to an authenticated sessi...

6.1

CVE-2026-27756

  • EPSS 0.03%
  • Veröffentlicht 27.02.2026 18:10:26
  • Zuletzt bearbeitet 03.03.2026 19:12:22

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a reflected cross-site scripting vulnerability in the management interface where user input is not properly encoded before output. Attackers can craft malicious URLs that execute arbi...

9.8

CVE-2026-27755

  • EPSS 0.11%
  • Veröffentlicht 27.02.2026 18:09:57
  • Zuletzt bearbeitet 03.03.2026 19:09:12

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier generation vulnerability that allows attackers to forge authenticated sessions by computing predictable MD5-based cookies. Attackers who know or guess valid ...

6.5

CVE-2026-27754

  • EPSS 0.02%
  • Veröffentlicht 27.02.2026 18:09:33
  • Zuletzt bearbeitet 03.03.2026 19:09:23

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 use the cryptographically broken MD5 hash function for session cookie generation, weakening session security. Attackers can exploit predictable session tokens combined with MD5's collision vu...

6.5

CVE-2026-27753

  • EPSS 0.04%
  • Veröffentlicht 27.02.2026 18:09:06
  • Zuletzt bearbeitet 03.03.2026 19:09:33

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain an authentication bypass vulnerability that allows remote attackers to perform unlimited login attempts against the management interface. Attackers can conduct online password guessin...

5.9

CVE-2026-27752

  • EPSS 0.01%
  • Veröffentlicht 27.02.2026 18:08:32
  • Zuletzt bearbeitet 03.03.2026 19:09:44

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 transmit authentication credentials over unencrypted HTTP, allowing attackers to capture credentials. An attacker positioned to observe network traffic between a user and the device can inter...

9.8

CVE-2026-27751

  • EPSS 0.04%
  • Veröffentlicht 27.02.2026 18:07:58
  • Zuletzt bearbeitet 04.03.2026 02:08:00

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remote attackers to obtain administrative access to the management interface. Attackers can authenticate using the hardcoded default cr...