CVE-2026-27753
Authentication Bypass in SODOLA SL902-SWTGW124AS Firmware Enables Unlimited Logins
Publication date: 2026-02-27
Last updated on: 2026-03-03
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sodola-network | sl902-swtgw124as_firmware | to 200.1.20 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-307 | The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability exists in SODOLA SL902-SWTGW124AS firmware versions up to 200.1.20 and is an authentication bypass issue.
It allows remote attackers to perform unlimited login attempts on the device's management interface without any account lockout or rate limiting.
This means attackers can repeatedly guess passwords online, increasing the chance of gaining unauthorized access.
How can this vulnerability impact me? :
This vulnerability can lead to unauthorized access to the device management interface.
An attacker exploiting this flaw could potentially control or manipulate the device, leading to compromised device security.
Since there is no rate limiting or lockout, attackers can continuously attempt to guess passwords, increasing the risk of a successful breach.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know