Paxtechnology Paydroid — known CVE vulnerabilities
Every CVE whose affected-product data names Paxtechnology Paydroid, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2022-26582 — CVSS 7.8 (high): PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow an attacker to gain root access through command injection in…
CVE-2023-42136 — CVSS 7.8 (high): PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can allow the execution of arbitrary commands…
CVE-2023-42137 — CVSS 7.8 (high): PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can allow for command execution with high…
CVE-2023-4818 — CVSS 7.6 (high): PAX A920 device allows to downgrade bootloader due to a bug in its version check. The signature is correctly checked and only bootloader…
CVE-2023-42134 — CVSS 6.8 (medium): PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.45_20230314 or earlier can allow the signed partition overwrite and…
CVE-2022-26580 — CVSS 6.8 (medium): PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow the execution of specific command injections on selected binaries…
CVE-2022-26581 — CVSS 6.8 (medium): PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow an unauthorized attacker to perform privileged actions through the…
CVE-2023-42135 — CVSS 6.8 (medium): PAX A920Pro/A50 devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can allow local code execution via parameter injection…
CVE-2022-26579 — CVSS 6.0 (medium): PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow a root privileged attacker to install unsigned packages. The…