Back to CVE List

CVE-2026-27756

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score
6.1 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Vulnerability Description

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a reflected cross-site scripting vulnerability in the management interface where user input is not properly encoded before output. Attackers can craft malicious URLs that execute arbitrary JavaScript in the web interface when visited by authenticated users.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-79
Source
NVD
Vendor
Shenzhen Hongyavision Technology Co., Ltd. (Sodola Networks)
Product
SODOLA SL902-SWTGW124AS

External References

Discussion (0)

Add Comment

No comments yet. Be the first!