CVE-2022-50977

7.5 HIGH

📋 TL;DR

CVE-2022-50977 allows unauthenticated remote attackers to disrupt operations by switching between multiple configuration presets via HTTP requests. This affects systems running vulnerable versions of Innomic products that expose configuration management interfaces. The vulnerability enables denial of service through configuration manipulation.

💻 Affected Systems

Products:
  • Innomic products with configuration preset functionality
Versions: Specific versions not detailed in references, but affected versions are documented in vendor advisories.
Operating Systems: Not OS-specific - affects application layer
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems with exposed HTTP configuration interfaces. Network exposure increases risk.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete service disruption through configuration corruption, requiring manual restoration and extended downtime.

🟠 Likely Case

Temporary service interruption and configuration instability requiring administrator intervention.

🟢 If Mitigated

Minimal impact with proper network segmentation and authentication controls in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Simple HTTP requests can trigger the vulnerability without authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor advisory for specific patched versions

Vendor Advisory: https://www.innomic.com/.well-known/csaf/white/2026/ids-2026-0001.html

Restart Required: Yes

Instructions:

1. Review vendor advisory for affected versions.
2. Apply vendor-provided patches.
3. Restart affected services.
4. Verify configuration stability.

🔧 Temporary Workarounds

Network Access Control

linux

Restrict access to configuration interfaces using firewall rules

iptables -A INPUT -p tcp --dport [CONFIG_PORT] -s [TRUSTED_NETWORK] -j ACCEPT
iptables -A INPUT -p tcp --dport [CONFIG_PORT] -j DROP

Authentication Enforcement

all

Ensure all configuration endpoints require authentication

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate configuration interfaces
  • Deploy web application firewall with rate limiting and anomaly detection

🔍 How to Verify

Check if Vulnerable:

Test if unauthenticated HTTP requests to configuration preset endpoints are accepted

Check Version:

Check product documentation for version command specific to affected Innomic products

Verify Fix Applied:

Verify that unauthenticated configuration preset switching requests are rejected

📡 Detection & Monitoring

Log Indicators:

  • Multiple configuration preset change requests from single source
  • Unauthenticated requests to configuration endpoints

Network Indicators:

  • HTTP POST/PUT requests to configuration preset endpoints without authentication headers
  • Rapid succession of configuration change requests

SIEM Query:

source_ip=* AND (uri_path CONTAINS '/config/preset' OR uri_path CONTAINS '/configuration') AND http_method IN ('POST','PUT') AND auth_token=NULL
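
The log and network indicators above, applied offline to an HTTP access log. This is an added example, not vendor code or part of the original page. The log line format, the reading of 2xx as "change accepted", and the burst threshold and window are assumptions; the two URI fragments are the ones used in the SIEM query.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in an assumed format:
# <ISO time> <source ip> <method> <path> <status> auth=<user or "-">
SAMPLE_LOG = """\
2026-01-10T08:00:01 10.0.5.20 GET /status 200 auth=-
2026-01-10T08:00:02 10.0.5.20 POST /config/preset/2 200 auth=-
2026-01-10T08:00:03 10.0.5.20 POST /config/preset/1 200 auth=-
2026-01-10T08:00:04 10.0.5.20 PUT /config/preset/3 200 auth=-
2026-01-10T08:00:30 10.0.9.7 POST /config/preset/1 200 auth=operator
2026-01-10T09:15:00 10.0.7.44 POST /configuration 401 auth=-
"""

LINE = re.compile(r"(\S+) (\S+) (\S+) (\S+) (\d{3}) auth=(\S+)")
CONFIG_PATHS = ("/config/preset", "/configuration")  # from the SIEM query
WRITE_METHODS = {"POST", "PUT"}

def find_preset_abuse(log_text, burst=3, window=timedelta(seconds=60)):
    """Return {source_ip: sorted findings} for unauthenticated config writes."""
    accepted = defaultdict(list)  # times of unauthenticated writes answered 2xx
    findings = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE.fullmatch(line.strip())
        if not m:
            continue  # skip lines that do not match the assumed format
        ts, ip, method, path, status, auth = m.groups()
        if method not in WRITE_METHODS or not any(p in path for p in CONFIG_PATHS):
            continue
        if auth != "-":
            continue  # authenticated change, out of scope for this check
        if status.startswith("2"):
            # Device accepted the change: consistent with an unpatched system.
            findings[ip].add("unauthenticated-change-accepted")
            accepted[ip].append(datetime.fromisoformat(ts))
        else:
            # Device refused the change: what a fixed system should log.
            findings[ip].add("unauthenticated-change-rejected")
    for ip, times in accepted.items():
        times.sort()
        # Sliding window: `burst` accepted changes inside `window`.
        for i in range(len(times) - burst + 1):
            if times[i + burst - 1] - times[i] <= window:
                findings[ip].add("rapid-preset-switching")
                break
    return {ip: sorted(f) for ip, f in findings.items()}

if __name__ == "__main__":
    for ip, found in find_preset_abuse(SAMPLE_LOG).items():
        print(ip, ", ".join(found))
```

Separating accepted from rejected requests also supports the "Verify Fix Applied" step: after patching, the same sources should only produce the rejected finding.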
