Platform: other
Component: sodola-sl902-swtgw124as-firmware
Fixed version: 200.1.21
A cross-site request forgery (CSRF) vulnerability exists in SODOLA SL902-SWTGW124AS firmware versions up to 200.1.20. This flaw allows attackers to trick authenticated users into unknowingly submitting malicious requests, potentially leading to unauthorized configuration changes or administrative actions. The vulnerability impacts devices running these firmware versions and requires user interaction to exploit. A fix is pending from the vendor.
The CSRF vulnerability in SODOLA SL902-SWTGW124AS firmware allows an attacker to leverage a user's authenticated session to perform actions as that user. This could include modifying device settings, disabling security features, or even gaining full administrative control. An attacker could host a malicious webpage that, when visited by an authenticated user, silently sends crafted requests to the device's management interface. The blast radius extends to any user with access to the management interface, and successful exploitation could compromise the entire device and potentially the network it's connected to. While no direct precedent exists for this specific device, CSRF vulnerabilities are commonly exploited to gain unauthorized access and control.
This vulnerability was publicly disclosed on 2026-02-27. The CVSS score of 4.3 (MEDIUM) indicates a moderate probability of exploitation. No public proof-of-concept (POC) code has been identified as of this writing. It is not currently listed on the CISA KEV catalog. Active campaigns targeting this vulnerability are not known.
Organizations utilizing SODOLA SL902-SWTGW124AS firmware in their deployments, particularly those with exposed management interfaces or lacking robust network segmentation, are at risk. Shared hosting environments where multiple users share the same device are also vulnerable.
Exploit status
EPSS: 0.02% (3rd percentile)
Due to the lack of a provided fixed version, mitigation strategies focus on reducing the attack surface and preventing exploitation. Restricting access to the management interface to trusted networks or using VPNs is crucial. Implementing strict input validation on all requests to the management interface can help prevent malicious data from being processed. Consider using a Web Application Firewall (WAF) to filter out potentially malicious requests. Monitor device logs for suspicious activity, particularly unexpected configuration changes. After a firmware upgrade is released, verify the fix by attempting to trigger a CSRF request and confirming it is blocked or fails.
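A compensating control for the "no fixed version" situation described above, added here as an example that is not part of the advisory or of the vendor's firmware: a reverse proxy placed in front of the management interface could apply this check to reject state-changing requests that are cross-origin or that come from outside the management network. The management network, the interface's host name and the sample requests are constructed assumptions.

```python
# Added example (not from the advisory or the vendor): a compensating-control
# check a reverse proxy in front of the switch management UI could apply while
# no fixed firmware is installed. Networks, host names and requests are constructed.
import ipaddress
from urllib.parse import urlsplit

TRUSTED_NETWORKS = [ipaddress.ip_network("10.0.0.0/24")]    # constructed: management VLAN
TRUSTED_ORIGINS = {"https://switch-mgmt.example.internal"}  # constructed: the UI's own origin
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}

def _source_origin(headers):
    """Origin header if present, else scheme+host of Referer; None if neither is sent."""
    origin = headers.get("Origin")
    if origin:
        return origin.rstrip("/")
    referer = headers.get("Referer")
    if referer:
        parts = urlsplit(referer)
        if parts.scheme and parts.netloc:
            return f"{parts.scheme}://{parts.netloc}"
    return None

def evaluate(client_ip, method, headers):
    """Return ('allow'|'deny', reason) for one request to the management interface."""
    ip = ipaddress.ip_address(client_ip)
    if not any(ip in net for net in TRUSTED_NETWORKS):
        return "deny", "source address outside the management network"
    if method.upper() not in STATE_CHANGING:
        return "allow", "read-only method"
    origin = _source_origin(headers)
    if origin is None:
        # Conservative: a state change with neither header cannot be attributed to the UI.
        return "deny", "state-changing request without Origin or Referer"
    if origin not in TRUSTED_ORIGINS:
        return "deny", f"cross-origin request from {origin}"
    return "allow", "same-origin state change"

# Constructed sample requests: a legitimate form post from the UI itself, then a
# request of the kind the advisory describes, triggered from a page on another site.
SAMPLE_REQUESTS = [
    ("10.0.0.15", "POST", {"Origin": "https://switch-mgmt.example.internal"}),
    ("10.0.0.15", "POST", {"Referer": "https://other-site.example/page.html"}),
    ("10.0.0.15", "POST", {}),
    ("192.0.2.7", "GET", {}),
]

def run_samples():
    return [evaluate(ip, m, h)[0] for ip, m, h in SAMPLE_REQUESTS]

if __name__ == "__main__":
    for req, decision in zip(SAMPLE_REQUESTS, run_samples()):
        print(decision, req)
```

The same check, run against a state-changing request issued from a page on another origin, is one way to carry out the post-upgrade verification the paragraph above recommends.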
Update the firmware of SODOLA SL902-SWTGW124AS devices to a version later than 200.1.20 that includes CSRF protection. Refer to the manufacturer's website for the latest firmware and update instructions.
CVE-2026-27758 is a cross-site request forgery vulnerability affecting SODOLA SL902-SWTGW124AS firmware versions 0–200.1.20, allowing attackers to trick authenticated users into performing unauthorized actions.
You are affected if you are using SODOLA SL902-SWTGW124AS firmware versions 0–200.1.20 and have not yet upgraded to a patched version (when available).
Upgrade to the latest firmware version when a patch is released by the vendor. Until then, restrict access to the management interface and implement strict input validation.
As of now, there are no confirmed reports of active exploitation campaigns targeting CVE-2026-27758.
Please refer to the SODOLA website or contact their support channels for the official advisory regarding CVE-2026-27758.