Lucene search
K

6 matches found

Vulnrichment
Vulnrichment
added 2024/10/11 12:1 p.m.21 views

CVE-2023-42133

PAX Android based POS devices allow for escalation of privilege via improperly configured scripts. An attacker must have shell access with system account privileges in order to exploit this vulnerability. A patch addressing this issue was included in firmware version...

6.7CVSS7.6AI score0.00233EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/01/17 12:0 a.m.3 views

PT-2024-13032 · Pax · Pax Android

Name of the Vulnerable Software and Affected Versions: PAX Android based POS devices versions prior to PayDroid 8.1.0 Sagittarius V11.1.61 20240226 Description: The issue allows for escalation of privilege via improperly configured scripts. An attacker must have shell access with system account...

6.7CVSS7.8AI score0.00233EPSS
Exploits0References14
NVD
NVD
added 2024/01/15 2:15 p.m.29 views

CVE-2023-42136

PAX Android based POS devices with PayDroid8.1.0SagittariusV11.1.5020230614 or earlier can allow the execution of arbitrary commands with system account privilege by shell injection starting with a specific word. The attacker must have shell access to the device in order to exploit this...

7.8CVSS7.9AI score0.0048EPSS
Exploits1References4
Prion
Prion
added 2024/01/15 2:15 p.m.22 views

Design/Logic Flaw

PAX Android based POS devices with PayDroid8.1.0SagittariusV11.1.5020230614 or earlier can allow for command execution with high privileges by using malicious symlinks. The attacker must have shell access to the device in order to exploit this vulnerability...

4.3CVSS7.5AI score0.00663EPSS
Exploits2References4Affected Software1
Prion
Prion
added 2024/01/15 2:15 p.m.15 views

Input validation

PAX A920Pro/A50 devices with PayDroid8.1.0SagittariusV11.1.5020230614 or earlier can allow local code execution via parameter injection by bypassing the input validation when flashing a specific partition. The attacker must have physical USB access to the device in order to exploit this...

4.6CVSS7.5AI score0.00663EPSS
Exploits2References4Affected Software1
Cvelist
Cvelist
added 2024/01/15 1:28 p.m.26 views

CVE-2023-42137

PAX Android based POS devices with PayDroid8.1.0SagittariusV11.1.5020230614 or earlier can allow for command execution with high privileges by using malicious symlinks. The attacker must have shell access to the device in order to exploit this vulnerability...

7.8CVSS7.9AI score0.00466EPSS
Exploits1References4
Rows per page
Query Builder