Vulnerabilities (CVE)

Filtered by vendor Paxtechnology Subscribe
Filtered by product Pax A930 Firmware
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-27199 1 Paxtechnology 2 Pax A930, Pax A930 Firmware 2024-11-21 N/A 6.7 MEDIUM
PAX Technology A930 PayDroid_7.1.1_Virgo_V04.5.02_20220722 allows attackers to compile a malicious shared library and use LD_PRELOAD to bypass authorization checks.
CVE-2023-27198 1 Paxtechnology 2 Pax A930, Pax A930 Firmware 2024-11-21 N/A 6.8 MEDIUM
PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow the execution of arbitrary commands by using the exec service and including a specific word in the command to be executed. The attacker must have physical USB access to the device in order to exploit this vulnerability.
CVE-2023-27197 1 Paxtechnology 2 Pax A930, Pax A930 Firmware 2024-11-21 N/A 6.7 MEDIUM
PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability.