Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-27199 | 1 Paxtechnology | 2 Pax A930, Pax A930 Firmware | 2024-04-23 | N/A | 6.7 MEDIUM |
| PAX Technology A930 PayDroid_7.1.1_Virgo_V04.5.02_20220722 allows attackers to compile a malicious shared library and use LD_PRELOAD to bypass authorization checks. | |||||
| CVE-2023-27198 | 1 Paxtechnology | 2 Pax A930, Pax A930 Firmware | 2024-04-23 | N/A | 6.8 MEDIUM |
| PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow the execution of arbitrary commands by using the exec service and including a specific word in the command to be executed. The attacker must have physical USB access to the device in order to exploit this vulnerability. | |||||
| CVE-2023-27197 | 1 Paxtechnology | 2 Pax A930, Pax A930 Firmware | 2024-04-23 | N/A | 6.7 MEDIUM |
| PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability. | |||||