Vulnerabilities > Paxtechnology
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-16 | CVE-2022-26581 | Missing Authorization vulnerability in Paxtechnology Paydroid 7.1.1Virgov04.3.26T120210419 PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow an unauthorized attacker to perform privileged actions through the execution of specific binaries listed in ADB daemon. | 6.8 |
2022-12-16 | CVE-2022-26582 | OS Command Injection vulnerability in Paxtechnology Paydroid 7.1.1Virgov04.3.26T120210419 PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow an attacker to gain root access through command injection in systool client. | 7.8 |
2021-05-07 | CVE-2020-36124 | XXE vulnerability in Paxtechnology Paxstore Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by XML External Entity (XXE) injection. | 4.0 |
2021-05-07 | CVE-2020-36125 | Improper Authentication vulnerability in Paxtechnology Paxstore Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by incorrect access control where password revalidation in sensitive operations can be bypassed remotely by an authenticated attacker through requesting the endpoint directly. | 5.5 |
2021-05-07 | CVE-2020-36126 | Authorization Bypass Through User-Controlled Key vulnerability in Paxtechnology Paxstore Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by incorrect access control that can lead to remote privilege escalation. | 5.5 |
2021-05-07 | CVE-2020-36127 | Improper Certificate Validation vulnerability in Paxtechnology Paxstore Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by an information disclosure vulnerability. | 4.0 |
2021-05-07 | CVE-2020-36128 | Authentication Bypass by Spoofing vulnerability in Paxtechnology Paxstore Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by a token spoofing vulnerability. | 6.4 |