CVE Reports

Originally published at cvereports.com

CVE-2026-27752: Cleartext Credential Exposure in SODOLA SL902-SWTGW124AS Switches

Vulnerability ID: CVE-2026-27752
CVSS Score: 8.2
Published: 2026-02-27

A critical information disclosure vulnerability affects the management interface of SODOLA SL902-SWTGW124AS network switches (firmware versions 200.1.20 and prior). The device transmits administrative credentials in cleartext over unencrypted HTTP, allowing network-positioned attackers to intercept sensitive authentication data and gain full administrative control of the device.

TL;DR

The SODOLA SL902-SWTGW124AS switch transmits admin passwords in cleartext HTTP packets. Attackers on the local network can sniff these credentials to take full control of the switch. Remediation requires isolating the management interface or waiting for a firmware update supporting HTTPS.


Technical Details

  • CWE ID: CWE-319
  • CVSS v4.0: 8.2 (High)
  • Attack Vector: Network
  • EPSS Score: 0.00013
  • Exploit Maturity: PoC / None
  • Impact: Full Administrative Access

Affected Systems

  • SODOLA SL902-SWTGW124AS 6-Port 2.5G Web Managed Switch
  • SODOLA SL902-SWTGW124AS Firmware: <= 200.1.20 (Fixed in: N/A)

Exploit Details

  • VulnCheck: Original advisory disclosing the cleartext credential transmission vulnerability.

Mitigation Strategies

  • Network Segmentation (Management VLAN)
  • Secure Tunneling (VPN/SSH)
  • Access Control Lists (ACLs)

Remediation Steps:

  1. Isolate the switch management IP to a dedicated VLAN not accessible by standard users.
  2. Configure a secure jump host or VPN for administrative access.
  3. Monitor the vendor website for firmware updates beyond version 200.1.20.
  4. Change administrative passwords if network compromise is suspected.
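
One way to verify steps 1 and 2 once they are in place, as an added example that is not part of the original report or any vendor tooling: audit exported flow records for HTTP sessions that reach the switch's management address from outside the management VLAN or jump host. All addresses, the CSV layout and port 80 are assumptions made for illustration.

```python
import csv
import io
from ipaddress import ip_address, ip_network

# Every address below is a constructed placeholder, not a value from the advisory.
SWITCH_MGMT_IP = ip_address("192.0.2.10")          # switch management address
ALLOWED_SOURCES = [ip_network("198.51.100.0/28"),  # management VLAN
                   ip_network("203.0.113.5/32")]   # jump host / VPN egress
HTTP_PORT = 80  # assumed default port of the cleartext web UI

# Constructed flow export: timestamp, source, destination, destination port, bytes
SAMPLE_FLOWS = """\
ts,src,dst,dport,bytes
2026-03-01T09:00:01Z,198.51.100.4,192.0.2.10,80,1840
2026-03-01T09:02:17Z,10.20.30.41,192.0.2.10,80,2210
2026-03-01T09:02:40Z,10.20.30.41,192.0.2.10,80,960
2026-03-01T09:05:09Z,203.0.113.5,192.0.2.10,80,1502
2026-03-01T09:07:33Z,10.20.30.77,192.0.2.10,443,300
2026-03-01T09:08:02Z,10.20.30.77,192.0.2.99,80,512
2026-03-01T09:09:48Z,not-an-ip,192.0.2.10,80,100
"""

def audit_flows(flow_csv):
    """Return ({offending_src: session_count}, [unparseable rows])."""
    offenders, rejected = {}, []
    for row in csv.DictReader(io.StringIO(flow_csv)):
        try:
            src, dst = ip_address(row["src"]), ip_address(row["dst"])
            dport = int(row["dport"])
        except (ValueError, TypeError, KeyError):
            rejected.append(row)   # keep bad records for review, never drop them
            continue
        if dst != SWITCH_MGMT_IP or dport != HTTP_PORT:
            continue               # not the cleartext management UI
        if any(src in net for net in ALLOWED_SOURCES):
            continue               # management VLAN or jump host
        offenders[str(src)] = offenders.get(str(src), 0) + 1
    return offenders, rejected

if __name__ == "__main__":
    offenders, rejected = audit_flows(SAMPLE_FLOWS)
    for src, count in sorted(offenders.items()):
        print(f"VIOLATION {src} -> {SWITCH_MGMT_IP}:{HTTP_PORT} ({count} sessions)")
    print(f"{len(rejected)} unparseable record(s) need manual review")
```

Any source the audit reports has reached the HTTP management interface across a segment that should have been blocked, so treat the admin password as exposed and rotate it as in step 4.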
