12 matches found
CVE-2023-27197
PAX A930 device with PayDroid7.1.1VirgoV04.5.0220220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability...
PT-2023-20999 · Pax · Pax A930 +1
Name of the Vulnerable Software and Affected Versions: PAX A930 device with PayDroid version 7.1.1 Virgo V04.5.02 20220722 Description: The issue allows the execution of arbitrary commands by using the exec service and including a specific word in the command to be executed. The attacker must hav...
CVE-2023-27198
PAX A930 device with PayDroid7.1.1VirgoV04.5.0220220722 can allow the execution of arbitrary commands by using the exec service and including a specific word in the command to be executed. The attacker must have physical USB access to the device in order to exploit this vulnerability...
PT-2023-20998 · Pax · Pax A930 +1
Name of the Vulnerable Software and Affected Versions: PAX A930 device with PayDroid version 7.1.1 Virgo V04.5.02 20220722 Description: The issue allows an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell...
CVE-2022-26579
PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow a root privileged attacker to install unsigned packages. The attacker must have shell access to the device and gain root privileges in order to exploit this vulnerability...
Command injection
PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow an attacker to gain root access through command injection in systool client. The attacker must have shell access to the device in order to exploit this vulnerability...
CVE-2022-26582
PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow an attacker to gain root access through command injection in systool client. The attacker must have shell access to the device in order to exploit this vulnerability...
CVE-2022-26579
PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow a root privileged attacker to install unsigned packages. The attacker must have shell access to the device and gain root privileges in order to exploit this vulnerability...
PT-2022-17939 · Pax · Pax A930 +1
Name of the Vulnerable Software and Affected Versions: PAX A930 device with PayDroid versions 7.1.1 Virgo V04.3.26T1 20210419 through 7.1.1 Virgo V04.4.02 20211201 Description: The issue allows the execution of specific command injections on selected binaries in the ADB daemon shell service. An...
PAX Technology A930 操作系统命令注入漏洞
PAX Technology A930 is an Android mobile payment terminal from PAX Technology, a China-based company. An operating system command injection vulnerability exists in the PAX Technology A930 PayDroid7.1.1VirgoV04.3.26T120210419 version, which stems from the presence of command injection...
PT-2022-17938 · Paydroid +1 · Paydroid +1
Name of the Vulnerable Software and Affected Versions: PAX A930 device with PayDroid versions 7.1.1 Virgo V04.3.26T1 20210419 through 7.1.1 Virgo V04.4.02 20211201 Description: The issue allows a root privileged attacker to install unsigned packages on the device. To exploit this, the attacker mu...
CVE-2022-26579
PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow a root privileged attacker to install unsigned packages. The attacker must have shell access to the device and gain root privileges in order to exploit this vulnerability...