PT-2026-22369 · Sodola · Sodola Sl902-Swtgw124As
Kazuma Matsumoto
·
Published
2026-02-27
·
Updated
2026-03-04
·
CVE-2026-27751
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20
Description
The device allows remote attackers to obtain administrative access to the management interface. Attackers can authenticate using hardcoded default credentials without password change enforcement, gaining full administrative control of the device.
Recommendations
Versions prior to 200.1.21 should change the default credentials immediately.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sodola Sl902-Swtgw124As