VYPR

CashDro 3

by CashDro

CVEs (2)

  • CVE-2026-8076CriMay 8, 2026
    risk 0.60cvss epss 0.00

    Weak credentials in the CashDro 3 web administration panel, version 24.01.00.26, where the platform allows the use of numeric PINs for user authentication. The system supports the use of PIN-based credentials, maintaining compatibility with POS software integrations deployed…

  • CVE-2026-8077HigMay 8, 2026
    risk 0.56cvss epss 0.00

    Lack of proper authorization implementation in the CashDro 3 web administration panel, version 24.01.00.26. The backend lacks authorization controls, leaving security entirely to the frontend. By modifying the binary string in the ‘Permissions’ field of the JSON response, an…