Vulnerabilities

CVE-2026-27754 - SODOLA SL902-SWTGW124AS <= 200.1.20 md5 session token generation

2026-02-27 0 views admin

CVE ID : CVE-2026-27754 Published : Feb. 27, 2026, 6:09 p.m. | 21 minutes ago Description : SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 use the cryptographically broken MD5 hash function for session cookie generation, weakening session security. Attackers can exploit predictable session tokens combined with MD5's collision vulnerabilities to forge valid session cookies and gain unauthorized access to the device. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-27754

Severity

MEDIUM

Published

Feb. 27, 2026

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2026-27754medium

CVE-2026-27754 - SODOLA SL902-SWTGW124AS <= 200.1.20 md5 session token generation

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2026-27755 - SODOLA SL902-SWTGW124AS <= 200.1.20 predictable session id

CVE-2026-27756 - SODOLA SL902-SWTGW124AS <= 200.1.20 reflected xss in management interface

CVE-2026-27757 - SODOLA SL902-SWTGW124AS <= 200.1.20 unverified password change

CVE-2026-27758 - SODOLA SL902-SWTGW124AS <= 200.1.20 missing csrf protections

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting