Unrated severityNVD Advisory· Published Feb 27, 2026· Updated Mar 2, 2026
SODOLA SL902-SWTGW124AS <= 200.1.20 Reflected XSS in Management Interface
CVE-2026-27756
Description
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a reflected cross-site scripting vulnerability in the management interface where user input is not properly encoded before output. Attackers can craft malicious URLs that execute arbitrary JavaScript in the web interface when visited by authenticated users.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=200.1.20
- Shenzhen Hongyavision Technology Co., Ltd. (Sodola Networks)/SODOLA SL902-SWTGW124ASv5Range: 0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.