Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2022-26579

Published: 16/12/2022 Updated: 23/04/2024
CVSS v3 Base Score: 6 | Impact Score: 5.2 | Exploitability Score: 0.8
VMScore: 0
Subscribe to Paxtechnology

Vulnerability Summary

PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow a root privileged malicious user to install unsigned packages. The attacker must have shell access to the device and gain root privileges in order to exploit this vulnerability.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

paxtechnology paydroid 7.1.1_virgo_v04.3.26t1_20210419

Github Repositories

https://github.com/shlin168/go-nvd

Tools to dump CVE/CPE data from NVD to database, and run API server on top of that

go-nvd NVD officially provides APIs for CPE and CVE, while both are set with rate limit To support high-volume query, go-nvd supports command to dump data from NVD to self-owned database and run API server on top of that to provide same API spec and part of parameters as NVD Available database: mongo API DB (nvd) ┌──â”

References

CWE-345https://cyshield.com/e077d6c3-adff-49a1-afc3-71e10140f95chttps://github.com/wr3nchsr/PAX-Paydroid-Advisories/blob/master/advisories/2022/CVEs/CVE-2022-26579.mdhttps://wr3nchsr.github.io/pax-paydroid-vulnerabilities-advisory-2022/https://nvd.nist.govhttps://github.com/shlin168/go-nvd
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmwareCVE-2023-52866CVE-2024-4367CVE-2024-1721CVE-2023-34992XML injectionCVE-2023-52817SQLCVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook