Ehang-Io: Security Vulnerabilities
NPS before v0.26.10 was discovered to contain an authentication bypass vulnerability via constantly generating and sending the Auth key and Timestamp parameters.
CVSS Score
9.8
EPSS Score
0.068
Published
2022-10-06
lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-08-16