Cross-Site Request Forgery Vulnerability in SODOLA SL902-SWTGW124AS Firmware
CVE-2026-27758

5.1MEDIUM

Key Information:

Vendor: Shenzhen Hongyavision Technology Co., Ltd. (sodola Networks)
Status: Sodola Sl902-swtgw124as
Vendor: CVE Published:; 27 February 2026

🔔 Create Shenzhen Hongyavision Technology Co., Ltd. (sodola Networks) Vulnerability Alert

What is CVE-2026-27758?

The SL902-SWTGW124AS firmware from SODOLA, up to version 200.1.20, is vulnerable to cross-site request forgery. This vulnerability allows an attacker to trick authenticated users into executing unauthorized actions within the management interface. By luring users to visit a malicious webpage, attackers can send forged requests that exploit the user's privileges, potentially leading to unauthorized configuration changes or administrative actions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

SODOLA SL902-SWTGW124AS 0 <= 200.1.20

References

https://www.sodola-network.com/products/sodola-6-port-2-5...

product

https://www.vulncheck.com/advisories/sodola-sl902-swtgw12...

third-party-advisory

CVSS V4

Score:

5.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Feb 27, 2026
Vulnerability Reserved
Feb 23, 2026

Credit

Kazuma Matsumoto, a security researcher at GMO Cybersecurity by IERAE, Inc.

JSON

Shenzhen Hongyavision Technology Co., Ltd. (sodola Networks)

What is CVE-2026-27758?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.