PT-2026-22374 · Sodola · Sodola Sl902-Swtgw124As
Kazuma Matsumoto
·
Published
2026-02-27
·
Updated
2026-03-03
·
CVE-2026-27756
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
SODOLA SL902-SWTGW124AS versions through 200.1.20
Description
The software contains a reflected cross-site scripting issue in the management interface. User input is not properly encoded before being displayed, allowing attackers to execute arbitrary JavaScript code in the web interface when visited by authenticated users through crafted malicious URLs.
Recommendations
Update to a version beyond 200.1.20.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sodola Sl902-Swtgw124As