Description
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain an authentication bypass vulnerability that allows remote attackers to perform unlimited login attempts against the management interface. Attackers can conduct online password guessing attacks without account lockout or rate limiting restrictions to gain unauthorized access to the device management interface.
Published: 2026-02-27
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized Remote Device Management Access
Action: Patch Firmware
AI Analysis

Impact

The vulnerability in the SODOLA SL902‑SWTGW124AS firmware up to version 200.1.20 removes any login attempt throttling, enabling attackers to brute‑force passwords on the web‑based management interface. This improper rate limiting leaves the authentication mechanism open for repeated credential guessing, resulting in unauthorized device configuration changes, data exposure, or further network compromise. The flaw conforms to CWE‑307, which involves improper password or authentication mechanism usage.

Affected Systems

The affected hardware is the SODOLA SL902‑SWTGW124AS switch manufactured by Shenzhen Hongyavision Technology Co., Ltd. (Sodola Networks). Firmware versions equal to or less than 200.1.20 are vulnerable; newer releases are not listed as impacted.

Risk and Exploitability

The vulnerability has a CVSS score of 6.9, indicating medium severity with a moderate impact on confidentiality and integrity. The EPSS score is listed as less than 1%, suggesting a very low probability of exploitation in the wild at present, and it is not included in CISA’s KEV catalog. Attackers would need remote access to the device’s management interface, most likely over the local network or an exposed management interface; the lack of lockout or rate limiting allows unlimited attempts with no prerequisites beyond network connectivity.

Generated by OpenCVE AI on April 17, 2026 at 13:57 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the switch firmware to version 200.1.21 or later to remove the authentication bypass flaw.
  • Restrict management interface access to trusted IP addresses or subnets, using VLANs or firewall rules to limit who can reach the web interface.
  • Apply network-level intrusion detection (e.g., fail2ban or equivalent) to detect and block repeated failed login attempts, providing an additional layer of protection against brute‑force attacks.

Generated by OpenCVE AI on April 17, 2026 at 13:57 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 03 Mar 2026 19:30:00 +0000

Type Values Removed Values Added
First Time appeared Sodola-network
Sodola-network sl902-swtgw124as
Sodola-network sl902-swtgw124as Firmware
CPEs cpe:2.3:h:sodola-network:sl902-swtgw124as:-:*:*:*:*:*:*:*
cpe:2.3:o:sodola-network:sl902-swtgw124as_firmware:*:*:*:*:*:*:*:*
Vendors & Products Sodola-network
Sodola-network sl902-swtgw124as
Sodola-network sl902-swtgw124as Firmware

Mon, 02 Mar 2026 17:45:00 +0000

Type Values Removed Values Added
First Time appeared Sodolanetworks
Sodolanetworks sodola Sl902-swtgw124as Firmware
CPEs cpe:2.3:o:sodolanetworks:sodola_sl902-swtgw124as_firmware:*:*:*:*:*:*:*:*
Vendors & Products Sodolanetworks
Sodolanetworks sodola Sl902-swtgw124as Firmware

Mon, 02 Mar 2026 12:15:00 +0000

Type Values Removed Values Added
First Time appeared Shenzhen Hongyavision Technology Co
Shenzhen Hongyavision Technology Co sodola Sl902-swtgw124as
Vendors & Products Shenzhen Hongyavision Technology Co
Shenzhen Hongyavision Technology Co sodola Sl902-swtgw124as

Fri, 27 Feb 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 27 Feb 2026 18:15:00 +0000

Type Values Removed Values Added
Description SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain an authentication bypass vulnerability that allows remote attackers to perform unlimited login attempts against the management interface. Attackers can conduct online password guessing attacks without account lockout or rate limiting restrictions to gain unauthorized access to the device management interface.
Title SODOLA SL902-SWTGW124AS <= 200.1.20 Improper Login Rate Limiting
Weaknesses CWE-307
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

Shenzhen Hongyavision Technology Co Sodola Sl902-swtgw124as
Sodola-network Sl902-swtgw124as Sl902-swtgw124as Firmware
Sodolanetworks Sodola Sl902-swtgw124as Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-02T17:29:58.455Z

Reserved: 2026-02-23T21:38:48.842Z

Link: CVE-2026-27753

cve-icon Vulnrichment

Updated: 2026-02-27T19:27:53.412Z

cve-icon NVD

Status : Analyzed

Published: 2026-02-27T18:16:13.303

Modified: 2026-03-03T19:09:33.670

Link: CVE-2026-27753

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-17T14:00:15Z

Weaknesses