Lucene search
+L

73 matches found

cve
cve
added 2022/12/16 12:0 a.m.96 views

CVE-2022-26580

The CVE-2022-26580 entry concerns the PAX A930 Android-based payment terminal running PayDroid_7.1.1_Virgo_V04.3.26T1_20210419. The vulnerability allows execution of command injections in certain binaries within the ADB daemon shell service. Exploitation requires physical USB access to the device...

6.8CVSS6.6AI score0.01745EPSS
Exploits0References3Affected Software1
ptsecurity
ptsecurity
added 2022/12/16 12:0 a.m.12 views

PT-2022-17940 · Pax Technology · Paydroid +1

Name of the Vulnerable Software and Affected Versions: PAX A930 device with PayDroid versions 7.1.1 Virgo V04.3.26T1 20210419 through 7.1.1 Virgo V04.4.02 20211201 Description: The issue allows an unauthorized attacker to perform privileged actions through the execution of specific binaries liste...

6.8CVSS7.1AI score0.00329EPSS
Exploits0References7
vulnrichment
vulnrichment
added 2022/12/16 12:0 a.m.13 views

CVE-2022-26581

PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow an unauthorized attacker to perform privileged actions through the execution of specific binaries listed in ADB daemon. The attacker must have physical USB access to the device in order to exploit this vulnerability...

6.7AI score0.00329EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2022/12/16 12:0 a.m.16 views

CVE-2022-26579

PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow a root privileged attacker to install unsigned packages. The attacker must have shell access to the device and gain root privileges in order to exploit this vulnerability...

7AI score0.00158EPSS
Exploits0References3
cve
cve
added 2022/12/16 12:0 a.m.97 views

CVE-2022-26579

CVE-2022-26579 affects the PAX A930 PayDroid platform. The issue allows a root-privileged attacker, with shell access, to install unsigned packages by exploiting a path/privilege flaw that enables elevated code execution on the device. The known exploitation path describes copying the APK to /dat...

6CVSS6AI score0.00158EPSS
Exploits0References3Affected Software1
cve
cve
added 2022/12/16 12:0 a.m.88 views

CVE-2022-26582

CVE-2022-26582 affects PAX A930 PayDroid on multiple builds. The issue enables root-level arbitrary command execution via command injection in the systool client when an attacker has shell access. Root access is achieved by exploiting unsanitized user-supplied commands (e.g., dollar signs/backtic...

7.8CVSS8AI score0.00872EPSS
Exploits0References3Affected Software1
cve
cve
added 2022/12/16 12:0 a.m.91 views

CVE-2022-26581

CVE-2022-26581 affects the PAX A930 PayDroid platform where the ADB daemon can execute the systool utility in production mode, enabling an unauthenticated attacker with physical USB access to perform privileged actions. Affected: PAX A930 devices with PayDroid; reported binaries in the ADB daemon...

6.8CVSS6.4AI score0.00329EPSS
Exploits0References3Affected Software1
ptsecurity
ptsecurity
added 2022/12/16 12:0 a.m.9 views

PT-2022-17939 · Pax · Pax A930 +1

Name of the Vulnerable Software and Affected Versions: PAX A930 device with PayDroid versions 7.1.1 Virgo V04.3.26T1 20210419 through 7.1.1 Virgo V04.4.02 20211201 Description: The issue allows the execution of specific command injections on selected binaries in the ADB daemon shell service. An...

6.8CVSS6.9AI score0.01745EPSS
Exploits0References8
vulnrichment
vulnrichment
added 2022/12/16 12:0 a.m.19 views

CVE-2022-26580

PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow the execution of specific command injections on selected binaries in the ADB daemon shell service. The attacker must have physical USB access to the device in order to exploit this vulnerability...

6.9AI score0.01745EPSS
Exploits0References3
cnnvd
cnnvd
added 2022/12/16 12:0 a.m.5 views

PAX Technology A930 操作系统命令注入漏洞

PAX Technology A930 is an Android mobile payment terminal from PAX Technology, a China-based company. An operating system command injection vulnerability exists in the PAX Technology A930 PayDroid7.1.1VirgoV04.3.26T120210419 version, which stems from the presence of command injection...

6.8CVSS6.7AI score0.01745EPSS
Exploits0References3
cvelist
cvelist
added 2022/12/16 12:0 a.m.40 views

CVE-2022-26580

PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow the execution of specific command injections on selected binaries in the ADB daemon shell service. The attacker must have physical USB access to the device in order to exploit this vulnerability...

6.8AI score0.01745EPSS
Exploits0References3
cvelist
cvelist
added 2022/12/16 12:0 a.m.31 views

CVE-2022-26582

PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow an attacker to gain root access through command injection in systool client. The attacker must have shell access to the device in order to exploit this vulnerability...

8.2AI score0.00872EPSS
Exploits0References3
cvelist
cvelist
added 2022/12/16 12:0 a.m.38 views

CVE-2022-26579

PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow a root privileged attacker to install unsigned packages. The attacker must have shell access to the device and gain root privileges in order to exploit this vulnerability...

6.2AI score0.00158EPSS
Exploits0References3
Rows per page
Query Builder