DEV Community

CVE Reports
CVE Reports

Posted on • Originally published at cvereports.com

CVE-2026-27751: CVE-2026-27751: Hardcoded Default Credentials in SODOLA SL902-SWTGW124AS

#security #cve #cybersecurity

CVE-2026-27751: Hardcoded Default Credentials in SODOLA SL902-SWTGW124AS

Vulnerability ID: CVE-2026-27751
CVSS Score: 9.8
Published: 2026-02-27

A critical authentication vulnerability exists in the SODOLA SL902-SWTGW124AS network switch firmware. The device ships with hardcoded administrative credentials that are not forcibly changed upon initial configuration. This flaw allows unauthenticated remote attackers to gain full administrative access to the device management interface via HTTP or HTTPS, leading to complete system compromise.

TL;DR

The SODOLA SL902-SWTGW124AS switch uses a default 'admin:admin' account that is active by default. Attackers can remotely log in to gain full control. Administrators must manually change the password immediately.

⚠️ Exploit Status: POC

Technical Details

  • CWE ID: CWE-1392 (Use of Default Credentials)
  • CVSS v3.1: 9.8 (Critical)
  • Attack Vector: Network (Remote)
  • Attack Complexity: Low
  • Privileges Required: None
  • EPSS Score: 0.04% (Low Probability)
  • Exploit Status: PoC Available / Trivial

Affected Systems

  • SODOLA SL902-SWTGW124AS 6-Port 2.5G Managed Switch
  • SODOLA SL902-SWTGW124AS Firmware: <= 200.1.20 (Fixed in: Manual Password Change Required)

Exploit Details

  • VulnCheck: Advisory detailing the default credentials vulnerability.

Mitigation Strategies

  • Credential Rotation
  • Network Segmentation
  • Management Plane Isolation

Remediation Steps:

  1. Access the web management interface of the SODOLA switch via a web browser.
  2. Log in using the default credentials (admin / admin).
  3. Navigate to the System or User Management section of the configuration menu.
  4. Select the admin user and choose the option to change the password.
  5. Enter a strong, unique password (minimum 12 characters, mixed case, alphanumeric).
  6. Save the configuration to non-volatile memory to ensure it persists after a reboot.
  7. Verify that the management interface is not accessible from the public internet.

References

Read the full report for CVE-2026-27751 on our website for more details including interactive diagrams and full exploit analysis.

Top comments (0)