oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows malicious users to bypass the locking mechanism by using Bluetooth Low Energy (BLE) to replay ciphertext based on a predictable nonce used in the locking protocol.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
o.bike smart_locker_firmware - |
||
o.bike obike-stationless bike sharing 2.5.4 |