10 matches found
CVE-2022-26582
PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow an attacker to gain root access through command injection in systool client. The attacker must have shell access to the device in order to exploit this vulnerability...
CVE-2022-26582
PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow an attacker to gain root access through command injection in systool client. The attacker must have shell access to the device in order to exploit this vulnerability...
Command injection
PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow an attacker to gain root access through command injection in systool client. The attacker must have shell access to the device in order to exploit this vulnerability...
CVE-2022-26582
PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow an attacker to gain root access through command injection in systool client. The attacker must have shell access to the device in order to exploit this vulnerability...
PAX Technology A930 安全漏洞
PAX Technology A930 is an Android mobile payment terminal from PAX Technology, a Chinese company. A security vulnerability exists in the PAX Technology A930 PayDroid7.1.1VirgoV04.3.26T120210419 version, which stems from an ADB daemon that allows the execution of the systool utility in production...
PAX Technology A930 操作系统命令注入漏洞
The PAX Technology A930 is an Android mobile payment terminal from China's PAX Technology. An operating system command injection vulnerability exists in the PAX Technology A930 PayDroid7.1.1VirgoV04.3.26T120210419 version, which stems from the systoolserver's inability to check for dollar signs o...
PT-2022-17940 · Pax Technology · Paydroid +1
Name of the Vulnerable Software and Affected Versions: PAX A930 device with PayDroid versions 7.1.1 Virgo V04.3.26T1 20210419 through 7.1.1 Virgo V04.4.02 20211201 Description: The issue allows an unauthorized attacker to perform privileged actions through the execution of specific binaries liste...
PT-2022-17941 · Pax Technology · Paydroid +1
Name of the Vulnerable Software and Affected Versions: PAX A930 device with PayDroid version 7.1.1 Virgo V04.3.26T1 20210419 PAX Technology A930 PayDroid version 7.1.1 Virgo V04.4.02 20211201 Description: The issue allows an attacker to gain root access through command injection in the systool...
CVE-2022-26582
PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow an attacker to gain root access through command injection in systool client. The attacker must have shell access to the device in order to exploit this vulnerability...
CVE-2022-26582
CVE-2022-26582 affects PAX A930 PayDroid on multiple builds. The issue enables root-level arbitrary command execution via command injection in the systool client when an attacker has shell access. Root access is achieved by exploiting unsanitized user-supplied commands (e.g., dollar signs/backtic...