Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Paxtechnology Subscribe
Filtered by product A930
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-26581 1 Paxtechnology 2 A930, Paydroid 2023-02-28 N/A 6.8 MEDIUM
PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow an unauthorized attacker to perform privileged actions through the execution of specific binaries listed in ADB daemon. The attacker must have physical USB access to the device in order to exploit this vulnerability.
CVE-2022-26580 1 Paxtechnology 2 A930, Paydroid 2023-02-28 N/A 6.8 MEDIUM
PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow the execution of specific command injections on selected binaries in the ADB daemon shell service. The attacker must have physical USB access to the device in order to exploit this vulnerability.
CVE-2022-26582 1 Paxtechnology 2 A930, Paydroid 2023-02-28 N/A 7.8 HIGH
The systool_server in PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 fails to check for dollar signs or backticks in user supplied commands, leading to to arbitrary command execution as root.
CVE-2022-26579 1 Paxtechnology 2 A930, Paydroid 2023-02-28 N/A 6.0 MEDIUM
PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow a root privileged attacker to install unsigned packages. The attacker must have shell access to the device and gain root privileges in order to exploit this vulnerability.