Skip to main content

Paydroid

5 CVEs product

Monthly

CVE-2023-26980 HIGH POC This Week

PAX Technology PAX A920 Pro PayDroid 8.1suffers from a Race Condition vulnerability, which allows attackers to bypass the payment software and force the OS to boot directly to Android during the boot. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Race Condition Google Authentication Bypass Paydroid
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-26582 HIGH This Week

PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow an attacker to gain root access through command injection in systool client. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Paydroid
NVD GitHub
CVSS 3.1
7.8
EPSS
0.9%
CVE-2022-26581 MEDIUM This Month

PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow an unauthorized attacker to perform privileged actions through the execution of specific binaries listed in ADB daemon. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Paydroid
NVD GitHub
CVSS 3.1
6.8
EPSS
0.3%
CVE-2022-26580 MEDIUM This Month

PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow the execution of specific command injections on selected binaries in the ADB daemon shell service. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection Paydroid
NVD GitHub
CVSS 3.1
6.8
EPSS
1.7%
CVE-2022-26579 MEDIUM This Month

PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow a root privileged attacker to install unsigned packages. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Paydroid
NVD GitHub
CVSS 3.1
6.0
EPSS
0.2%
EPSS 0% CVSS 7.0
HIGH POC This Week

PAX Technology PAX A920 Pro PayDroid 8.1suffers from a Race Condition vulnerability, which allows attackers to bypass the payment software and force the OS to boot directly to Android during the boot. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Race Condition Google Authentication Bypass +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow an attacker to gain root access through command injection in systool client. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Paydroid
NVD GitHub
EPSS 0% CVSS 6.8
MEDIUM This Month

PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow an unauthorized attacker to perform privileged actions through the execution of specific binaries listed in ADB daemon. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Paydroid
NVD GitHub
EPSS 2% CVSS 6.8
MEDIUM This Month

PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow the execution of specific command injections on selected binaries in the ADB daemon shell service. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection Paydroid
NVD GitHub
EPSS 0% CVSS 6.0
MEDIUM This Month

PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow a root privileged attacker to install unsigned packages. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Paydroid
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy