Описание
PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow the execution of arbitrary commands by using the exec service and including a specific word in the command to be executed. The attacker must have physical USB access to the device in order to exploit this vulnerability.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:paxtechnology:pax_a930_firmware:paydroid_7.1.1_virgo_v04.5.02_20220722:*:*:*:*:*:*:*
cpe:2.3:h:paxtechnology:pax_a930:-:*:*:*:*:*:*:*
EPSS
Процентиль: 24%
0.00081
Низкий
6.8 Medium
CVSS3
Дефекты
CWE-78
CWE-78
Связанные уязвимости
CVSS3: 6.8
github
больше 2 лет назад
PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow the execution of arbitrary commands by using the exec service and including a specific word in the command to be executed. The attacker must have physical USB access to the device in order to exploit this vulnerability.
EPSS
Процентиль: 24%
0.00081
Низкий
6.8 Medium
CVSS3
Дефекты
CWE-78
CWE-78