CVE-2022-50977 - Vulnerability Details

CVE-2022-50977 - Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated configuration preset change via HTTP

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via HTTP.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00028.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Avibia Subscribe	Avibialine Avle1 Hd Subscribe Avibialine Avle2 Hd Subscribe Avibialine Avle4 Hd Subscribe Avibialine Avle6 Hd Subscribe Avibialine Avle8 Hd Subscribe Avibialine Avlx1 Hd Subscribe Avibialine Avlx2 Hd Subscribe Avibialine Avlx4 Hd Subscribe Avibialine Avlx6 Hd Subscribe Avibialine Avlx8 Hd Subscribe
Innomic Subscribe	Vibroline Vle1 Hd Subscribe Vibroline Vle2 Hd Subscribe Vibroline Vle4 Hd Subscribe Vibroline Vle6 Hd Subscribe Vibroline Vle8 Hd Subscribe Vibroline Vlx1 Hd Subscribe Vibroline Vlx2 Hd Subscribe Vibroline Vlx4 Hd Subscribe Vibroline Vlx6 Hd Subscribe Vibroline Vlx8 Hd Subscribe

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Avibia Subscribe	Avibialine Avle1 Hd Subscribe Avibialine Avle2 Hd Subscribe Avibialine Avle4 Hd Subscribe Avibialine Avle6 Hd Subscribe Avibialine Avle8 Hd Subscribe Avibialine Avlx1 Hd Subscribe Avibialine Avlx2 Hd Subscribe Avibialine Avlx4 Hd Subscribe Avibialine Avlx6 Hd Subscribe Avibialine Avlx8 Hd Subscribe
Innomic Subscribe	Vibroline Vle1 Hd Subscribe Vibroline Vle2 Hd Subscribe Vibroline Vle4 Hd Subscribe Vibroline Vle6 Hd Subscribe Vibroline Vle8 Hd Subscribe Vibroline Vlx1 Hd Subscribe Vibroline Vlx2 Hd Subscribe Vibroline Vlx4 Hd Subscribe Vibroline Vlx6 Hd Subscribe Vibroline Vlx8 Hd Subscribe

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.innomic.com/.well-known/csaf/white/2026/ids-2026-0001.html
https://www.innomic.com/.well-known/csaf/white/2026/ids-2026-0001.json

History

Wed, 04 Feb 2026 12:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Avibia Avibia avibialine Avle1 Hd Avibia avibialine Avle2 Hd Avibia avibialine Avle4 Hd Avibia avibialine Avle6 Hd Avibia avibialine Avle8 Hd Avibia avibialine Avlx1 Hd Avibia avibialine Avlx2 Hd Avibia avibialine Avlx4 Hd Avibia avibialine Avlx6 Hd Avibia avibialine Avlx8 Hd Innomic Innomic vibroline Vle1 Hd Innomic vibroline Vle2 Hd Innomic vibroline Vle4 Hd Innomic vibroline Vle6 Hd Innomic vibroline Vle8 Hd Innomic vibroline Vlx1 Hd Innomic vibroline Vlx2 Hd Innomic vibroline Vlx4 Hd Innomic vibroline Vlx6 Hd Innomic vibroline Vlx8 Hd
Vendors & Products		Avibia Avibia avibialine Avle1 Hd Avibia avibialine Avle2 Hd Avibia avibialine Avle4 Hd Avibia avibialine Avle6 Hd Avibia avibialine Avle8 Hd Avibia avibialine Avlx1 Hd Avibia avibialine Avlx2 Hd Avibia avibialine Avlx4 Hd Avibia avibialine Avlx6 Hd Avibia avibialine Avlx8 Hd Innomic Innomic vibroline Vle1 Hd Innomic vibroline Vle2 Hd Innomic vibroline Vle4 Hd Innomic vibroline Vle6 Hd Innomic vibroline Vle8 Hd Innomic vibroline Vlx1 Hd Innomic vibroline Vlx2 Hd Innomic vibroline Vlx4 Hd Innomic vibroline Vlx6 Hd Innomic vibroline Vlx8 Hd

Mon, 02 Feb 2026 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Mon, 02 Feb 2026 14:30:00 +0000

Type	Values Removed	Values Added
Description		An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via HTTP.
Title		Multiple Innomic VibroLine VLX and avibia AVLX allow unauthenticated configuration preset change via HTTP
Weaknesses		CWE-306
References		https://www.innomic.com/.well-known/csaf/white/2026/ids-2026-0001.html https://www.innomic.com/.well-known/csaf/white/2026/ids-2026-0001.json
Metrics		cvssV3_1 `{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published: 2026-02-02T14:08:59.192Z

Updated: 2026-02-02T17:25:19.355Z

Reserved: 2026-01-12T08:05:55.994Z

Link: CVE-2022-50977

Vulnrichment

Updated: 2026-02-02T17:25:14.899Z

NVD

Status : Awaiting Analysis

Published: 2026-02-02T15:16:28.573

Modified: 2026-02-03T16:44:36.630

Link: CVE-2022-50977

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-02-04T12:44:39Z

Weaknesses

CWE-306

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object