CVE-2022-50981
CRITICALInnomic and Avibia VibroLine Devices - Default Password Full Access
Title source: manualDescription
An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced.
References (2)
Core 2
Core References
Various Sources vendor-advisory
https://www.innomic.com/.well-known/csaf/white/2026/ids-2026-0001.html
Various Sources vendor-advisory
https://www.innomic.com/.well-known/csaf/white/2026/ids-2026-0001.json
Scores
CVSS v3
9.8
EPSS
0.0053
EPSS Percentile
40.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-306
Status
published
Products (50)
avibia/AvibiaLine AVLE1 HD 5.0
2.1.1340 - 2.1.1387
avibia/AvibiaLine AVLE1 HD 5.0
2.1.1866
avibia/AvibiaLine AVLE2 HD 5.0
2.1.1340 - 2.1.1387
avibia/AvibiaLine AVLE2 HD 5.0
2.1.1866
avibia/AvibiaLine AVLE4 HD 5.0
2.1.1340 - 2.1.1387
avibia/AvibiaLine AVLE4 HD 5.0
2.1.1866
avibia/AvibiaLine AVLE6 HD 5.0
2.1.1340 - 2.1.1387
avibia/AvibiaLine AVLE6 HD 5.0
2.1.1866
avibia/AvibiaLine AVLE8 HD 5.0
2.1.1340 - 2.1.1387
avibia/AvibiaLine AVLE8 HD 5.0
2.1.1866
... and 40 more
Published
Feb 02, 2026
Tracked Since
Feb 18, 2026