GCVE - cpe:2.3:o:paxtechnology:pax_a930_firmware:paydroid_7.1.1_virgo_v04.5.02

Approved changes feed: RSS · Atom

cpe:2.3:o:paxtechnology:pax_a930_firmware:paydroid_7.1.1_virgo_v04.5.02_20220722:*:*:*:*:*:*:*

part: o version: paydroid_7.1.1_virgo_v04.5.02_20220722 update: *

Vendor	Paxtechnology (`595ae241-81fc-56b3-931a-4bd76e3a7d24`)
Product	Pax A930 Firmware (`96159664-7eb9-5b09-9284-82ebfedbdcd3`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-27199`	vulnerable	2026-06-08 05:57:40.711529	Details available PAX Technology A930 PayDroid_7.1.1_Virgo_V04.5.02_20220722 allows attackers to compile a malicious shared library and use LD_PRELOAD to bypass authorization checks. Published: 2023-07-05T00:00:00.000Z Updated: 2024-12-04T15:53:37.997Z Open on db.gcve.eu Reference links https://github.com/wr3nchsr/PAX-Paydroid-Advisories/blob/master/advisories/2023/CVEs/CVE-2023-27199.md https://wr3nchsr.github.io/pax-paydroid-vulnerabilities-advisory-2023/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-27198`	vulnerable	2026-06-08 05:57:40.710921	Details available PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow the execution of arbitrary commands by using the exec service and including a specific word in the command to be executed. The attacker must have physical USB access to the device in order to exploit this vulnerability. Published: 2023-07-05T00:00:00.000Z Updated: 2024-08-02T12:01:32.438Z Open on db.gcve.eu Reference links https://github.com/wr3nchsr/PAX-Paydroid-Advisories/blob/master/advisories/2023/CVEs/CVE-2023-27198.md https://wr3nchsr.github.io/pax-paydroid-vulnerabilities-advisory-2023/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-27197`	vulnerable	2026-06-08 05:57:40.709800	Details available PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability. Published: 2023-07-05T00:00:00.000Z Updated: 2024-12-05T17:00:22.985Z Open on db.gcve.eu Reference links https://github.com/wr3nchsr/PAX-Paydroid-Advisories/blob/master/advisories/2023/CVEs/CVE-2023-27197.md https://wr3nchsr.github.io/pax-paydroid-vulnerabilities-advisory-2023/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Pax A930 Firmware

PURL mappings

Vulnerability references

Contribute