📦

a930

Vendor: paxtechnology

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 2 Remote Access

Total CVEs 4 Total Indexed

Avg. EPSS 0.59% Exploit Prob.

Latest CVE CVE-2022-26582 Dec 16

Security Vulnerability Index

Page 1 / 1

7.8 CVSS

CVE-2022-26582

RCE

PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow an attacker to gain root access through command injection in systool client. The attacker must have shell access to the device in order to exploit this vulnerability.

EPSS: 0.73%

Severity: HIGH

Dec 16, 2022

6.8 CVSS

CVE-2022-26581

PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow an unauthorized attacker to perform privileged actions through the execution of specific binaries listed in ADB daemon. The attacker must have physical USB access to the device in order to exploit this vulnerability.

EPSS: 0.10%

Severity: MEDIUM

Dec 16, 2022

6.8 CVSS

CVE-2022-26580

RCE

PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow the execution of specific command injections on selected binaries in the ADB daemon shell service. The attacker must have physical USB access to the device in order to exploit this vulnerability.

EPSS: 1.50%

Severity: MEDIUM

Dec 16, 2022

6.0 CVSS

CVE-2022-26579

PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow a root privileged attacker to install unsigned packages. The attacker must have shell access to the device and gain root privileges in order to exploit this vulnerability.

EPSS: 0.03%

Severity: MEDIUM

Dec 16, 2022

Displaying 4 of 4 Total Entries

Total 1 Sections