High severity7.1NVD Advisory· Published May 14, 2024· Updated Apr 15, 2026
CVE-2022-32510
CVE-2022-32510
Description
An issue was discovered on certain Nuki Home Solutions devices. The HTTP API exposed by a Bridge used an unencrypted channel to provide an administrative interface. A token can be easily eavesdropped by a malicious actor to impersonate a legitimate user and gain access to the full set of API endpoints. This affects Nuki Bridge v1 before 1.22.0 and v2 before 2.13.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: v1 < 1.22.0, v2 < 2.13.2
Patches
Vulnerability mechanics
References
4- latesthackingnews.com/2022/07/28/multiple-security-flaws-found-in-nuki-smart-locks/nvd
- nuki.io/en/security-updates/nvd
- research.nccgroup.com/2022/07/25/technical-advisory-multiple-vulnerabilities-in-nuki-smart-locks-cve-2022-32509-cve-2022-32504-cve-2022-32502-cve-2022-32507-cve-2022-32503-cve-2022-32510-cve-2022-32506-cve-2022-32508-cve-2/nvd
- www.hackread.com/nuki-smart-locks-vulnerabilities-plethora-attack-options/nvd
News mentions
0No linked articles in our index yet.