Vulnerabilities > Ehang IO > NPS > 0.22.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-06 | CVE-2022-40494 | Improper Authentication vulnerability in Ehang-Io NPS NPS before v0.26.10 was discovered to contain an authentication bypass vulnerability via constantly generating and sending the Auth key and Timestamp parameters. | 9.8 |
| 2019-08-16 | CVE-2019-15119 | Incorrect Permission Assignment for Critical Resource vulnerability in Ehang-Io NPS lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user. | 5.5 |