CVE-2026-27754

Name of the Vulnerable Software and Affected Versions SODOLA SL902-SWTGW124AS firmware versions through 200.1.20

Description The firmware utilizes the MD5 hash function for session cookie generation, which weakens session security. This is due to the predictability of session tokens and MD5’s collision vulnerabilities, potentially allowing attackers to forge valid session cookies and gain unauthorized access to the device.

Recommendations Update to a firmware version newer than 200.1.20.