CVE-2022-26582 Information

Description

The systool_server in PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 fails to check for dollar signs or backticks in user supplied commands leading to to arbitrary command execution as root.

Reference

https://cyshield.com/e077d6c3-adff-49a1-afc3-71e10140f95c