GCVE - cpe:2.3:a:nuki:bridge_v1:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:nuki:bridge_v1:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Nuki (`95443c64-bfd3-5404-809f-c9d68870b420`)
Product	Bridge V1 (`fa435aef-e5bb-5561-a6a4-644893b02cd0`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-32509`	vulnerable	2026-06-08 05:44:44.879676	Details available An issue was discovered on certain Nuki Home Solutions devices. Lack of certificate validation on HTTP communications allows attackers to intercept and tamper data. This affects Nuki Smart Lock 3.0 before 3.3.5, Nuki Bridge v1 before 1.22.0 and Nuki Bridge v2 before 2.13.2. Published: 2024-05-09T19:30:06.236Z Updated: 2025-02-13T15:46:28.006Z Open on db.gcve.eu Reference links https://research.nccgroup.com/2022/07/25/technical-advisory-multiple-vulnerabilities-in-nuki-smart-locks-cve-2022-32509-cve-2022-32504-cve-2022-32502-cve-2022-32507-cve-2022-32503-cve-2022-32510-cve-2022-32506-cve-2022-32508-cve-2/ https://www.hackread.com/nuki-smart-locks-vulnerabilities-plethora-attack-options/ https://latesthackingnews.com/2022/07/28/multiple-security-flaws-found-in-nuki-smart-locks/ https://nuki.io/en/security-updates/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-32508`	vulnerable	2026-06-08 05:44:44.877847	Details available An issue was discovered on certain Nuki Home Solutions devices. By sending a malformed HTTP verb, it is possible to force a reboot of the device. This affects Nuki Bridge v1 before 1.22.0 and v2 before 2.13.2. Published: 2024-05-09T19:49:11.826Z Updated: 2025-02-13T15:46:27.360Z Open on db.gcve.eu Reference links https://research.nccgroup.com/2022/07/25/technical-advisory-multiple-vulnerabilities-in-nuki-smart-locks-cve-2022-32509-cve-2022-32504-cve-2022-32502-cve-2022-32507-cve-2022-32503-cve-2022-32510-cve-2022-32506-cve-2022-32508-cve-2/ https://www.hackread.com/nuki-smart-locks-vulnerabilities-plethora-attack-options/ https://latesthackingnews.com/2022/07/28/multiple-security-flaws-found-in-nuki-smart-locks/ https://nuki.io/en/security-updates/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-32504`	vulnerable	2026-06-08 05:44:44.870361	Details available An issue was discovered on certain Nuki Home Solutions devices. The code used to parse the JSON objects received from the WebSocket service provided by the device leads to a stack buffer overflow. An attacker would be able to exploit this to gain arbitrary code execution on a KeyTurner device. This affects Nuki Smart Lock 3.0 before 3.3.5 and 2.0 before 2.12.4, as well as Nuki Bridge v1 before 1.22.0 and v2 before 2.13.2. Published: 2024-05-09T19:33:56.851Z Updated: 2025-02-13T15:46:24.289Z Open on db.gcve.eu Reference links https://research.nccgroup.com/2022/07/25/technical-advisory-multiple-vulnerabilities-in-nuki-smart-locks-cve-2022-32509-cve-2022-32504-cve-2022-32502-cve-2022-32507-cve-2022-32503-cve-2022-32510-cve-2022-32506-cve-2022-32508-cve-2/ https://www.hackread.com/nuki-smart-locks-vulnerabilities-plethora-attack-options/ https://latesthackingnews.com/2022/07/28/multiple-security-flaws-found-in-nuki-smart-locks/ https://nuki.io/en/security-updates/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.