Vulnerability Details CVE-2022-26579
PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow a root privileged attacker to install unsigned packages. The attacker must have shell access to the device and gain root privileges in order to exploit this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.8%
CVSS Severity
CVSS v3 Score 6.0
References
- https://cyshield.com/e077d6c3-adff-49a1-afc3-71e10140f95c
- https://github.com/wr3nchsr/PAX-Paydroid-Advisories/blob/master/advisories/2022/CVEs/CVE-2022-26579.md
- https://wr3nchsr.github.io/pax-paydroid-vulnerabilities-advisory-2022/
- https://cyshield.com/e077d6c3-adff-49a1-afc3-71e10140f95c
- https://github.com/wr3nchsr/PAX-Paydroid-Advisories/blob/master/advisories/2022/CVEs/CVE-2022-26579.md
- https://wr3nchsr.github.io/pax-paydroid-vulnerabilities-advisory-2022/
Products affected by CVE-2022-26579
-
cpe:2.3:h:paxtechnology:a930:-
-
cpe:2.3:o:paxtechnology:paydroid:7.1.1_virgo_v04.3.26t1_20210419