
SL902-SWTGW124AS Firmware CVE-2026-27755

Severity: CRITICAL, CVSS 3.1 base score 9.8 (NVD)
Weakness: Use of Insufficiently Random Values (CWE-330)
Published: 2026-02-27 · disclosure@vulncheck.com

Severity by source

NVD (primary): 9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Analysis Generated: Mar 12, 2026 - 21:55 (vuln.today)
CVE Published: Feb 27, 2026 - 19:16 (nvd)

Description (CVE.org)

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier generation vulnerability that allows attackers to forge authenticated sessions by computing predictable MD5-based cookies. Attackers who know or guess valid credentials can calculate the session identifier offline and bypass authentication without completing the login flow, gaining unauthorized access to the device.

Analysis (AI)

Weak session identifier generation in SODOLA SL902-SWTGW124AS network switch firmware allows attackers to predict session tokens and hijack administrative sessions.
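As an added illustration of the weakness class named in the description and analysis above (this is example code, not the advisory's own material or the vendor firmware's code): a hypothetical model of a session cookie derived deterministically from the credentials with MD5, beside a replacement that issues CSPRNG-backed tokens tracked only server-side. The page does not state the firmware's exact derivation, so the `user:password` input format in `weak_session_id` is an assumption.

```python
import hashlib
import secrets
from typing import Dict, Optional


# Hypothetical model of the CWE-330 pattern described in the advisory: the
# session cookie is a pure function of the credentials, so anyone holding the
# credentials can derive it without performing a login. The "user:password"
# format is an assumption; the firmware's real derivation is not given here.
def weak_session_id(username: str, password: str) -> str:
    return hashlib.md5(f"{username}:{password}".encode("utf-8")).hexdigest()


# Hardened replacement: the token carries no information about the credentials.
# It is drawn from the OS CSPRNG and only the server-side table links it to a
# user, so there is nothing to compute offline and each login gets a fresh value.
class SessionStore:
    TOKEN_BYTES = 32  # 256 bits of entropy per token

    def __init__(self) -> None:
        self._sessions: Dict[str, str] = {}

    def create(self, username: str) -> str:
        token = secrets.token_urlsafe(self.TOKEN_BYTES)
        self._sessions[token] = username
        return token

    def lookup(self, token: str) -> Optional[str]:
        # Unknown or revoked tokens return None; the caller treats that as
        # "not authenticated" rather than falling back to any derived value.
        return self._sessions.get(token)

    def revoke(self, token: str) -> bool:
        return self._sessions.pop(token, None) is not None


if __name__ == "__main__":
    # Two "logins" with the same credentials: the weak scheme repeats itself,
    # the hardened store issues two unrelated tokens.
    print(weak_session_id("admin", "admin") == weak_session_id("admin", "admin"))
    store = SessionStore()
    print(store.create("admin") != store.create("admin"))
```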


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

  • Access: Obtain valid credentials through social engineering
  • Exploit: Calculate predictable MD5-based session identifier offline
  • Execution: Forge authenticated session cookie
  • Impact: Bypass login flow and access device

Vulnerability Assessment (AI)

Exploitation: SODOLA SL902-SWTGW124AS firmware version 200.1.20 or earlier, with knowledge or guessing of valid user credentials. …
Risk Assessment: CVSS 9.8, EPSS 0.13%. …
Exploit Scenario: Attacker predicts session identifiers through analysis of the weak PRNG, hijacks active admin session to control the network switch.
Remediation: Update firmware. …

Recommended Action (AI)

Within 24 hours: Identify and inventory all SL902-SWTGW124AS devices running firmware 200.1.20 or earlier; isolate critical instances to air-gapped or highly restricted networks if possible. …


CVE-2026-27755 vulnerability details – vuln.today
