Description
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 use the cryptographically broken MD5 hash function for session cookie generation, weakening session security. Attackers can exploit predictable session tokens combined with MD5's collision vulnerabilities to forge valid session cookies and gain unauthorized access to the device.
Published: 2026-02-27
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized Session Hijacking
Action: Upgrade
AI Analysis

Impact

A flaw in the firmware of the SODOLA SL902-SWTGW124AS device causes session cookies to be generated with the MD5 hash function, which is cryptographically broken. Attackers can predict or forge session tokens that appear legitimate, allowing them to hijack sessions and gain unauthorized administrator access to the switch. The weakness aligns with CWE-328 (Use of Weak Hash).

Affected Systems

The vulnerability affects Sodola Networks SODOLA SL902-SWTGW124AS switches running firmware version 200.1.20 or earlier. No later versions are known to be impacted. Systems in production that rely on web-based management are subject to the risk.

Risk and Exploitability

The CVSS score of 6.9 indicates a moderate severity, and the EPSS score of less than 1 % suggests a low probability of exploitation. The device is not listed in the CISA KEV catalog, further indicating limited known exploitation. The likely attack vector is remote, accessed via the switch’s web management interface, where an attacker can send crafted session tokens to fool the authentication mechanism. An attacker does not need any privileged local access to create a session; the flaw allows direct hijacking of an existing session or creation of a new one that the device will accept.

Generated by OpenCVE AI on April 16, 2026 at 15:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the switch firmware to 200.1.21 or later to replace MD5 session token generation
  • If a firmware upgrade cannot be applied immediately, disable the web management interface or block the management port to prevent remote access
  • Apply network segmentation or firewall rules to limit who can reach the switch’s administration endpoints

Advisories

No advisories yet.

History

Tue, 03 Mar 2026 20:15:00 +0000

Type       Values Removed   Values Added
Metrics                     ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 03 Mar 2026 19:30:00 +0000

Type                 Values Removed   Values Added
First Time appeared                   Sodola-network
                                      Sodola-network sl902-swtgw124as
                                      Sodola-network sl902-swtgw124as Firmware
CPEs                                  cpe:2.3:h:sodola-network:sl902-swtgw124as:-:*:*:*:*:*:*:*
                                      cpe:2.3:o:sodola-network:sl902-swtgw124as_firmware:*:*:*:*:*:*:*:*
Vendors & Products                    Sodola-network
                                      Sodola-network sl902-swtgw124as
                                      Sodola-network sl902-swtgw124as Firmware

Mon, 02 Mar 2026 17:45:00 +0000

Type                 Values Removed   Values Added
First Time appeared                   Sodolanetworks
                                      Sodolanetworks sodola Sl902-swtgw124as Firmware
CPEs                                  cpe:2.3:o:sodolanetworks:sodola_sl902-swtgw124as_firmware:*:*:*:*:*:*:*:*
Vendors & Products                    Sodolanetworks
                                      Sodolanetworks sodola Sl902-swtgw124as Firmware

Mon, 02 Mar 2026 12:15:00 +0000

Type                 Values Removed   Values Added
First Time appeared                   Shenzhen Hongyavision Technology Co
                                      Shenzhen Hongyavision Technology Co sodola Sl902-swtgw124as
Vendors & Products                    Shenzhen Hongyavision Technology Co
                                      Shenzhen Hongyavision Technology Co sodola Sl902-swtgw124as

Fri, 27 Feb 2026 18:30:00 +0000

Type           Values Removed   Values Added
Description                     SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 use the cryptographically broken MD5 hash function for session cookie generation, weakening session security. Attackers can exploit predictable session tokens combined with MD5's collision vulnerabilities to forge valid session cookies and gain unauthorized access to the device.
Title                           SODOLA SL902-SWTGW124AS <= 200.1.20 MD5 Session Token Generation
Weaknesses                      CWE-328
References
Metrics                         cvssV3_1 {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}
                                cvssV4_0 {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N'}


Subscriptions

Shenzhen Hongyavision Technology Co Sodola Sl902-swtgw124as
Sodola-network Sl902-swtgw124as Sl902-swtgw124as Firmware
Sodolanetworks Sodola Sl902-swtgw124as Firmware
MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-03T18:09:56.948Z

Reserved: 2026-02-23T21:38:48.842Z

Link: CVE-2026-27754

Vulnrichment

Updated: 2026-02-27T19:20:47.566Z

NVD

Status : Analyzed

Published: 2026-02-27T19:16:09.320

Modified: 2026-03-03T19:09:23.627

Link: CVE-2026-27754

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-16T15:30:06Z

Weaknesses