CVE-2016-10557

Name of the Vulnerable Software and Affected Versions appium-chromedriver versions prior to 2.9.4

Description The issue allows for a man-in-the-middle (MITM) attack due to the insecure download of binary resources over HTTP. This could potentially lead to remote code execution (RCE) if an attacker swaps the requested binary with a malicious one, provided they have a privileged network position. This position could be between the user and the remote server or on the same network.

Recommendations Update to version 2.9.4 or later.