Authorization

2023-07-0520:15:00

PRIOn knowledge base

www.prio-n.com

pax technology

a930

vulnerability

authorization

ld_preload

shared library

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

PAX Technology A930 PayDroid_7.1.1_Virgo_V04.5.02_20220722 allows attackers to compile a malicious shared library and use LD_PRELOAD to bypass authorization checks.

CPENameOperatorVersion
pax_a930_firmwareeqpaydroid7.1.1virgov4.5.220220722

CPE	Name	Operator	Version
	pax_a930_firmware	eq	paydroid7.1.1virgov4.5.220220722

References

github.com/wr3nchsr/PAX-Paydroid-Advisories/blob/master/advisories/2023/CVEs/CVE-2023-27199.md