
SL902-SWTGW124AS Firmware CVE-2026-27751

CRITICAL 9.8 (CVSS 3.1 · NVD)
Use of Default Credentials (CWE-1392)
2026-02-27 disclosure@vulncheck.com

Severity by source

NVD (primary): 9.8 CRITICAL, AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: High
  • Integrity: High
  • Availability: High

Lifecycle Timeline

  • CVE Published: Feb 27, 2026 - 18:16 (nvd), CRITICAL 9.8
  • Analysis Generated: Mar 12, 2026 - 21:55 (vuln.today)

Description (CVE.org)

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remote attackers to obtain administrative access to the management interface. Attackers can authenticate using the hardcoded default credentials without password change enforcement to gain full administrative control of the device.

Analysis (AI)

Default credentials in SODOLA SL902-SWTGW124AS network switch firmware allow unauthenticated remote access. Default credentials are publicly known, enabling complete device takeover.

Attack Chain (AI, derived)

Hypothetical attack flow derived from CVE metadata

  • Access: Discover SODOLA device on network
  • Exploit: Connect to management interface
  • Execution: Authenticate with default hardcoded credentials
  • Impact: Gain administrative access

Vulnerability Assessment (AI)

  • Exploitation: SODOLA SL902-SWTGW124AS firmware version 200.1.20 or earlier with unchanged default administrative credentials; remote access to management interface enabled (default configuration).
  • Risk Assessment: CVSS 9.8. …
  • Exploit Scenario: Attacker scans for SODOLA switches, logs in with default credentials, modifies VLAN configurations, enables port mirroring for traffic interception.
  • Remediation: Change default credentials immediately. …

Recommended Action (AI)

Within 24 hours: Identify and inventory all SL902-SWTGW124AS devices in production, determine firmware versions, and implement network segmentation to restrict management interface access. …
