64 matches found
CVE-2022-26580
PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow the execution of specific command injections on selected binaries in the ADB daemon shell service. The attacker must have physical USB access to the device in order to exploit this vulnerability...
CVE-2022-26579
PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow a root privileged attacker to install unsigned packages. The attacker must have shell access to the device and gain root privileges in order to exploit this vulnerability...
CVE-2022-26582
PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow an attacker to gain root access through command injection in systool client. The attacker must have shell access to the device in order to exploit this vulnerability...
CVE-2022-26581
PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow an unauthorized attacker to perform privileged actions through the execution of specific binaries listed in ADB daemon. The attacker must have physical USB access to the device in order to exploit this vulnerability...
CVE-2023-27199
PAX Technology A930 PayDroid7.1.1VirgoV04.5.0220220722 allows attackers to compile a malicious shared library and use LDPRELOAD to bypass authorization checks...
CVE-2023-27197
PAX A930 device with PayDroid7.1.1VirgoV04.5.0220220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability...
CVE-2023-27198
PAX A930 device with PayDroid7.1.1VirgoV04.5.0220220722 can allow the execution of arbitrary commands by using the exec service and including a specific word in the command to be executed. The attacker must have physical USB access to the device in order to exploit this vulnerability...
CVE-2023-27198
PAX A930 device with PayDroid7.1.1VirgoV04.5.0220220722 can allow the execution of arbitrary commands by using the exec service and including a specific word in the command to be executed. The attacker must have physical USB access to the device in order to exploit this vulnerability...
CVE-2023-27199
PAX Technology A930 PayDroid7.1.1VirgoV04.5.0220220722 allows attackers to compile a malicious shared library and use LDPRELOAD to bypass authorization checks...
CVE-2023-27199
PAX Technology A930 PayDroid7.1.1VirgoV04.5.0220220722 allows attackers to compile a malicious shared library and use LDPRELOAD to bypass authorization checks...
CVE-2023-27198
PAX A930 device with PayDroid7.1.1VirgoV04.5.0220220722 can allow the execution of arbitrary commands by using the exec service and including a specific word in the command to be executed. The attacker must have physical USB access to the device in order to exploit this vulnerability...
CVE-2023-27197
PAX A930 device with PayDroid7.1.1VirgoV04.5.0220220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability...
CVE-2023-27199
PAX Technology A930 PayDroid7.1.1VirgoV04.5.0220220722 allows attackers to compile a malicious shared library and use LDPRELOAD to bypass authorization checks...
CVE-2023-27197
PAX A930 device with PayDroid7.1.1VirgoV04.5.0220220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability...
CVE-2023-27197
PAX A930 device with PayDroid7.1.1VirgoV04.5.0220220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability...
Design/Logic Flaw
PAX A930 device with PayDroid7.1.1VirgoV04.5.0220220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability...
Design/Logic Flaw
PAX A930 device with PayDroid7.1.1VirgoV04.5.0220220722 can allow the execution of arbitrary commands by using the exec service and including a specific word in the command to be executed. The attacker must have physical USB access to the device in order to exploit this vulnerability...
Authorization
PAX Technology A930 PayDroid7.1.1VirgoV04.5.0220220722 allows attackers to compile a malicious shared library and use LDPRELOAD to bypass authorization checks...
CVE-2023-27198
The CVE-2023-27198 issue affects the PAX A930 Android-based PayDroid build (version Virgo 7.1.1_V04.5.02_20220722). A command-injection vulnerability exists in the exec service that can allow arbitrary command execution when a specific word is included in the command. Exploitation requires physic...
CVE-2023-27197
PAX A930 device with PayDroid7.1.1VirgoV04.5.0220220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability...