This page lists publicly disclosed CVE vulnerabilities affecting paxtechnology pax_a930_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-27199 | PAX Technology A930 PayDroid_7.1.1_Virgo_V04.5.02_20220722 allows attackers to compile a malicious shared library and use LD_PRELOAD to bypass authorization checks. | [email protected] | 6.7 | 0.04% | 2023-07-05 | 2024-12-04 |
| CVE-2023-27198 | PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow the execution of arbitrary commands by using the exec service and including a specific word in the command to be executed. The attacker must have physical USB access to the device in order to exploit this vulnerability. | [email protected] | 6.8 | 0.08% | 2023-07-05 | 2024-11-21 |
| CVE-2023-27197 | PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability. | [email protected] | 6.7 | 0.03% | 2023-07-05 | 2024-11-21 |