Configuration Management Flaw in Innomic's Product
CVE-2022-50977

7.5HIGH

Key Information:

Vendor: Innomic
Status: Vibroline Vlx1 Hd 5.0; Vibroline Vlx2 Hd 5.0; Vibroline Vlx4 Hd 5.0; Vibroline Vlx6 Hd 5.0
Vendor: CVE Published:; 2 February 2026

What is CVE-2022-50977?

An unauthenticated remote attacker can exploit a vulnerability in Innomic's configuration management system to disrupt its operations by switching between various configuration presets via HTTP. This flaw provides a potential pathway for attackers to adversely affect system functionality without needing any form of authentication, posing a significant risk to users.

Affected Version(s)

AvibiaLine AVLX1 HD 5.0 2.1.1340 <= 2.1.1387

AvibiaLine AVLX1 HD 5.0 2.1.1866

AvibiaLine AVLX2 HD 5.0 2.1.1340 <= 2.1.1387

References

https://www.innomic.com/.well-known/csaf/white/2026/ids-2...

vendor-advisory

https://www.innomic.com/.well-known/csaf/white/2026/ids-2...

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 2, 2026
Vulnerability Reserved
Jan 12, 2026

CVE-2022-50977 Data

JSON