CVE-2026-27753: CWE-307 Improper Restriction of Excessive Authentication Attempts in Shenzhen Hongyavision Technology Co., Ltd. (Sodola Networks) SODOLA SL902-SWTGW124AS
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain an authentication bypass vulnerability that allows remote attackers to perform unlimited login attempts against the management interface. Attackers can conduct online password guessing attacks without account lockout or rate limiting restrictions to gain unauthorized access to the device management interface.
AI Analysis
Technical Summary
The vulnerability identified as CVE-2026-27753 affects the SODOLA SL902-SWTGW124AS device firmware versions up to 200.1.20. It is classified under CWE-307, which pertains to improper restriction of excessive authentication attempts. Specifically, the device's management interface does not implement any lockout mechanism or rate limiting to restrict the number of login attempts. This allows remote attackers to conduct unlimited brute-force or password guessing attacks without triggering any security controls. The attack vector is network-based (AV:N), with low attack complexity (AC:L), and has no special attack requirements and needs no privileges or user interaction (AT:N, PR:N, UI:N), so no prior authentication is required. The vulnerability impacts confidentiality and integrity to a limited extent (VC:L, VI:L), but does not affect availability or authorization scope. The absence of account lockout or throttling mechanisms makes it easier for attackers to gain unauthorized access to the device management interface, potentially leading to control over the device and subsequent network compromise. No patches or exploits are currently documented, but the risk remains significant due to the ease of exploitation and the critical role of such devices in network infrastructure.
Potential Impact
The primary impact of this vulnerability is unauthorized access to the management interface of the SODOLA SL902-SWTGW124AS device. Successful exploitation could allow attackers to alter device configurations, disable security features, or pivot within the network, potentially compromising confidentiality and integrity of network communications. Organizations relying on this device for network management or security functions may face increased risk of data breaches, network downtime, or lateral movement by attackers. Given the device's role, exploitation could undermine trust in network infrastructure and lead to operational disruptions. The lack of rate limiting increases the likelihood of brute-force attacks succeeding, especially if weak or default credentials are used. Although no known exploits are currently in the wild, the medium severity score and ease of exploitation warrant proactive mitigation to avoid potential future attacks.
Mitigation Recommendations
Organizations should immediately verify if they are using the SODOLA SL902-SWTGW124AS device with firmware versions through 200.1.20 and prioritize upgrading to a fixed firmware version once available. In the absence of an official patch, network administrators should restrict access to the device management interface by implementing network segmentation and firewall rules to limit management access to trusted IP addresses only. Enforce strong, complex passwords and consider integrating multi-factor authentication if supported by the device. Monitor login attempts and device logs for unusual authentication activity indicative of brute-force attacks. If possible, deploy external rate limiting or intrusion prevention systems to detect and block repeated login attempts. Regularly audit device configurations and update credentials periodically. Engage with the vendor for firmware updates or workarounds and subscribe to security advisories for timely information.
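One way to implement the log monitoring recommended above, as an added example that is not vendor or advisory code: a sliding-window detector over access logs from a reverse proxy placed in front of the management interface. The log line format, the `/login.cgi` path, the 401 failure status and the thresholds are assumptions, since the advisory does not document the device's own logging.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed proxy log format (constructed): "<ISO time> <client IP> <method> <path> <status>"
LINE_RE = re.compile(r"^(\S+) (\S+) ([A-Z]+) (\S+) (\d{3})$")
LOGIN_PATH = "/login.cgi"  # hypothetical login endpoint, not taken from the advisory
FAIL_STATUS = 401          # assumed status code for a rejected login


def detect_bruteforce(lines, max_failures=5, window=timedelta(seconds=60)):
    """Map source IP -> alert details for IPs exceeding max_failures within window."""
    recent = defaultdict(deque)  # per-IP timestamps of recent failed logins
    alerts = {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore lines that do not parse
        ts, ip, method, path, status = m.groups()
        if method != "POST" or path != LOGIN_PATH:
            continue
        ts, code = datetime.fromisoformat(ts), int(status)
        if code < 400 and ip in alerts:
            alerts[ip]["success_after_alert"] = True  # escalate: a guess may have worked
        if code != FAIL_STATUS:
            continue
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:  # drop failures that fell out of the window
            q.popleft()
        if len(q) > max_failures and ip not in alerts:
            alerts[ip] = {"alert_at": ts, "success_after_alert": False}
    return alerts


def sample_log():
    """Constructed traffic: a fast guesser, a user with two typos, a slow guesser."""
    t0 = datetime(2026, 2, 27, 18, 0, 0)
    def row(ip, secs, status):
        return f"{(t0 + timedelta(seconds=secs)).isoformat()} {ip} POST {LOGIN_PATH} {status}"
    rows = [row("198.51.100.7", 2 * i, 401) for i in range(7)]
    rows.append(row("198.51.100.7", 20, 200))
    rows += [row("192.0.2.10", 1, 401), row("192.0.2.10", 3, 401), row("192.0.2.10", 5, 200)]
    rows += [row("203.0.113.5", 300 * i, 401) for i in range(6)]
    return sorted(rows)  # ISO timestamps sort chronologically


if __name__ == "__main__":
    for ip, info in detect_bruteforce(sample_log()).items():
        print(ip, info)
```

With the default 60-second window the slow source (one failure every five minutes) is not flagged, so a second pass with a longer window, such as `window=timedelta(hours=1)`, is needed to catch low-and-slow guessing.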
Affected Countries
China, United States, Germany, United Kingdom, India, Brazil, Russia, South Korea, Japan, France
Technical Details
- Data Version: 5.2
- Assigner Short Name: VulnCheck
- Date Reserved: 2026-02-23T21:38:48.842Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 69a1de4132ffcdb8a26144d9
Added to database: 2/27/2026, 6:11:13 PM
Last enriched: 2/27/2026, 6:27:24 PM
Last updated: 2/28/2026, 6:14:22 AM