Description
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a reflected cross-site scripting vulnerability in the management interface where user input is not properly encoded before output. Attackers can craft malicious URLs that execute arbitrary JavaScript in the web interface when visited by authenticated users.
Published: 2026-02-27
Score: 5.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Reflected Cross‑Site Scripting in the device’s management web interface
Action: Patch Now
AI Analysis

Impact

Firmware versions up to 200.1.20 embed an improperly encoded user input field in the management interface. The flaw allows malicious JavaScript to be reflected back into the browser when an authenticated user visits a crafted URL. The primary consequence is client‑side script execution; the vendor’s description does not specify further impact, but such scripts can potentially steal session cookies or perform actions on behalf of the authenticated user. Based on the description, it is inferred that the attacker could use the compromised session to gain additional access to the network device, although this is not explicitly stated in the advisory.

Affected Systems

The vulnerability targets the SODOLA SL902‑SWTGW124AS managed switch from Shenzhen Hongyavision Technology Co., Ltd. (Sodola Networks). All firmware releases through 200.1.20 are affected; newer firmware should mitigate the issue.

Risk and Exploitability

The CVSS score of 5.1 reflects moderate severity, while the EPSS probability of less than 1% indicates low likelihood of exploitation. The flaw is not listed in the CISA KEV catalog. Exploitation requires the attacker to convince an authenticated user to click a malicious link, so the risk is bounded to management‑interface users. No elevated privileges or remote code execution are possible; the threat is restricted to session compromise within a user’s browser.

Generated by OpenCVE AI on April 17, 2026 at 13:57 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the switch firmware to a version newer than 200.1.20.
  • Restrict management‑interface access to trusted networks or enforce VPN authentication for remote users.
  • Configure a restrictive Content Security Policy or enable XSS protection headers to mitigate reflected script execution until the patch is applied.
  • If patching is delayed, monitor user activity for suspicious link clicks and provide user awareness training.

Generated by OpenCVE AI on April 17, 2026 at 13:57 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 03 Mar 2026 19:30:00 +0000

Type Values Removed Values Added
First Time appeared Sodola-network
Sodola-network sl902-swtgw124as
Sodola-network sl902-swtgw124as Firmware
CPEs cpe:2.3:h:sodola-network:sl902-swtgw124as:-:*:*:*:*:*:*:*
cpe:2.3:o:sodola-network:sl902-swtgw124as_firmware:*:*:*:*:*:*:*:*
Vendors & Products Sodola-network
Sodola-network sl902-swtgw124as
Sodola-network sl902-swtgw124as Firmware

Mon, 02 Mar 2026 17:45:00 +0000

Type Values Removed Values Added
First Time appeared Sodolanetworks
Sodolanetworks sodola Sl902-swtgw124as Firmware
CPEs cpe:2.3:o:sodolanetworks:sodola_sl902-swtgw124as_firmware:*:*:*:*:*:*:*:*
Vendors & Products Sodolanetworks
Sodolanetworks sodola Sl902-swtgw124as Firmware

Mon, 02 Mar 2026 12:15:00 +0000

Type Values Removed Values Added
First Time appeared Shenzhen Hongyavision Technology Co
Shenzhen Hongyavision Technology Co sodola Sl902-swtgw124as
Vendors & Products Shenzhen Hongyavision Technology Co
Shenzhen Hongyavision Technology Co sodola Sl902-swtgw124as

Fri, 27 Feb 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 27 Feb 2026 18:30:00 +0000

Type Values Removed Values Added
Description SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a reflected cross-site scripting vulnerability in the management interface where user input is not properly encoded before output. Attackers can craft malicious URLs that execute arbitrary JavaScript in the web interface when visited by authenticated users.
Title SODOLA SL902-SWTGW124AS <= 200.1.20 Reflected XSS in Management Interface
Weaknesses CWE-79
References
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}

cvssV4_0

{'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N'}

Subscriptions

Shenzhen Hongyavision Technology Co Sodola Sl902-swtgw124as
Sodola-network Sl902-swtgw124as Sl902-swtgw124as Firmware
Sodolanetworks Sodola Sl902-swtgw124as Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-02T17:30:06.047Z

Reserved: 2026-02-23T21:38:48.842Z

Link: CVE-2026-27756

cve-icon Vulnrichment

Updated: 2026-02-27T18:59:16.426Z

cve-icon NVD

Status : Analyzed

Published: 2026-02-27T19:16:09.763

Modified: 2026-03-03T19:12:22.217

Link: CVE-2026-27756

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-17T14:00:15Z

Weaknesses