Platform
other
Component
sodola-sl902-swtgw124as-firmware
Fixed in
200.1.21
A cross-site request forgery (CSRF) vulnerability exists in SODOLA SL902-SWTGW124AS firmware versions up to 200.1.20. This flaw allows attackers to trick authenticated users into unknowingly submitting malicious requests, potentially leading to unauthorized configuration changes or administrative actions. The vulnerability impacts devices running these firmware versions and requires user interaction to exploit. A fix is pending from the vendor.
The CSRF vulnerability in SODOLA SL902-SWTGW124AS firmware allows an attacker to leverage a user's authenticated session to perform actions as that user. This could include modifying device settings, disabling security features, or even gaining full administrative control. An attacker could host a malicious webpage that, when visited by an authenticated user, silently sends crafted requests to the device's management interface. The blast radius extends to any user with access to the management interface, and successful exploitation could compromise the entire device and potentially the network it's connected to. While no direct precedent exists for this specific device, CSRF vulnerabilities are commonly exploited to gain unauthorized access and control.
This vulnerability was publicly disclosed on 2026-02-27. The CVSS score of 4.3 (MEDIUM) indicates a moderate probability of exploitation. No public proof-of-concept (POC) code has been identified as of this writing. It is not currently listed on the CISA KEV catalog. Active campaigns targeting this vulnerability are not known.
Organizations utilizing SODOLA SL902-SWTGW124AS firmware in their deployments, particularly those with exposed management interfaces or lacking robust network segmentation, are at risk. Shared hosting environments where multiple users share the same device are also vulnerable.
disclosure
Exploit Status
EPSS
0.02% (3rd percentile)
CISA SSVC
CVSS Vector
Due to the lack of a provided fixed version, mitigation strategies focus on reducing the attack surface and preventing exploitation. Restricting access to the management interface to trusted networks or using VPNs is crucial. Implementing strict input validation on all requests to the management interface can help prevent malicious data from being processed. Consider using a Web Application Firewall (WAF) to filter out potentially malicious requests. Monitor device logs for suspicious activity, particularly unexpected configuration changes. After a firmware upgrade is released, verify the fix by attempting to trigger a CSRF request and confirming it is blocked or fails.
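The post-upgrade verification step above, as an added example that is not part of the advisory or the vendor's tooling: an offline checker that takes captured responses from the management interface and reports which CSRF defences they show. The sample cookie and form HTML are constructed, and the `csrf_token` field name and `session` cookie name are assumptions, not SODOLA's.

```python
"""Offline CSRF-defence checker for captured management-interface responses.
Sample data below is constructed; field and cookie names are assumptions."""
import re
from http.cookies import SimpleCookie
from typing import Optional


def cookie_samesite(set_cookie: str) -> Optional[str]:
    """Return the SameSite attribute of the first cookie in a Set-Cookie header, or None."""
    jar = SimpleCookie()
    jar.load(set_cookie)
    for morsel in jar.values():
        return morsel["samesite"] or None  # empty string when the attribute is absent
    return None


def form_has_csrf_token(html: str) -> bool:
    """True if any <input> is hidden and named like an anti-CSRF token."""
    for tag in re.findall(r"<input\b[^>]*>", html, re.I):
        if re.search(r'type=["\']hidden["\']', tag, re.I) and \
           re.search(r'name=["\'][^"\']*(csrf|token|nonce)[^"\']*["\']', tag, re.I):
            return True
    return False


def assess(set_cookie: str, form_html: str, cross_origin_status: int) -> dict:
    """Summarise the defences seen. cross_origin_status is the HTTP status the
    device returned to a state-changing POST that carried a foreign Origin header."""
    samesite = cookie_samesite(set_cookie)
    return {
        "samesite_cookie": samesite is not None and samesite.lower() in ("lax", "strict"),
        "form_token": form_has_csrf_token(form_html),
        "rejects_cross_origin": cross_origin_status in (400, 403),
    }


def protected(result: dict) -> bool:
    """A fix should reject foreign-origin requests and carry at least one token/cookie defence."""
    return result["rejects_cross_origin"] and (result["samesite_cookie"] or result["form_token"])


# Constructed samples: what a vulnerable build and a fixed build might return.
VULN_COOKIE = "session=abc123; Path=/; HttpOnly"
VULN_FORM = '<form method="post" action="/config"><input name="hostname" type="text"></form>'
FIXED_COOKIE = "session=abc123; Path=/; HttpOnly; SameSite=Strict"
FIXED_FORM = ('<form method="post" action="/config"><input type="hidden" name="csrf_token" '
              'value="deadbeef"><input name="hostname" type="text"></form>')

if __name__ == "__main__":
    print("vulnerable build:", assess(VULN_COOKIE, VULN_FORM, 200))
    print("fixed build:", assess(FIXED_COOKIE, FIXED_FORM, 403))
```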
Update the SODOLA SL902-SWTGW124AS device firmware to a version later than 200.1.20 that includes CSRF protections. Consult the manufacturer's website for the latest firmware version and upgrade instructions.
CVE-2026-27758 is a cross-site request forgery vulnerability affecting SODOLA SL902-SWTGW124AS firmware versions 0–200.1.20, allowing attackers to trick authenticated users into performing unauthorized actions.
You are affected if you are using SODOLA SL902-SWTGW124AS firmware versions 0–200.1.20 and have not yet upgraded to a patched version (when available).
Upgrade to the latest firmware version when a patch is released by the vendor. Until then, restrict access to the management interface and implement strict input validation.
As of now, there are no confirmed reports of active exploitation campaigns targeting CVE-2026-27758.
Please refer to the SODOLA website or contact their support channels for the official advisory regarding CVE-2026-27758.