CVE-2023-42136

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 15, 2024

Updated: Jan 19, 2024

CWE ID 74

CWE ID 20

Summary

CVE-2023-42136 is a vulnerability affecting PAX Android-based POS devices running PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier. An attacker can exploit this issue by injecting specific commands via shell access, allowing the execution of arbitrary commands with system account privileges. This vulnerability poses a significant risk, as an attacker gaining shell access to the device can leverage it to compromise the system and potentially steal sensitive data.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/snPGYM
https://www.cve.org/CVERecord?id=CVE-2023-42136
https://nvd.nist.gov/vuln/detail/CVE-2023-42136

Back to Vulnerability Database

CVE-2023-42136

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations