exploitDog

CVE-2022-26579

Опубликовано: 16 дек. 2022

Источник: nvd

CVSS3: 6

EPSS Низкий

Описание

PAX A930 device with PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 can allow a root privileged attacker to install unsigned packages. The attacker must have shell access to the device and gain root privileges in order to exploit this vulnerability.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:paxtechnology:paydroid:7.1.1_virgo_v04.3.26t1_20210419:*:*:*:*:*:*:*

cpe:2.3:h:paxtechnology:a930:-:*:*:*:*:*:*:*

EPSS

Процентиль: 8%

0.00031

Низкий

6 Medium

CVSS3

Дефекты

CWE-345

CWE-345

Связанные уязвимости

GHSA-f22x-pp6j-8h8j

CVSS3: 6

github

около 3 лет назад

PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 allows root privileged attackers to install an unsigned application by copying the APK to /data/app, setting the appropriate permissions and rebooting the device.

EPSS

Процентиль: 8%

0.00031

Низкий

6 Medium

CVSS3

Дефекты

CWE-345

CWE-345