CVE-2026-27755

CRITICAL

SODOLA SL902-SWTGW124AS <200.1.20 - Auth Bypass

Title source: llm

Description

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier generation vulnerability that allows attackers to forge authenticated sessions by computing predictable MD5-based cookies. Attackers who know or guess valid credentials can calculate the session identifier offline and bypass authentication without completing the login flow, gaining unauthorized access to the device.

Scores

CVSS v3 9.8
EPSS 0.0014
EPSS Percentile 34.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE CWE-330
Status published
Products (1)
sodola-network/sl902-swtgw124as_firmware < 200.1.20
Published Feb 27, 2026
Tracked Since Feb 28, 2026