CRITICAL🇵🇱 Wersja polska

CVE-2023-47030

CVSS 9.8v3.1pub. 2025-06-23upd. 2025-06-25

An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via a GET request to a UserService SOAP API endpoint to validate if a user exists.

🤖 AI Analysis
How it works

An attacker sends a specially crafted GET request to the UserService SOAP API endpoint, which is used to verify user existence in the system. The mechanism handling this request contains a vulnerability classified as CWE-94 (Improper Control of Code Generation), meaning that data supplied by the attacker can be treated as code and executed on the server side. The exploit requires neither authentication nor user interaction.

Impact

An attacker can remotely execute arbitrary code on the server (RCE) and gain access to sensitive information processed by the system. As a result, complete takeover of the vulnerable system and data leakage are possible.

Mitigation & patch

Patches available from the vendor should be applied in accordance with the references provided. Until the fix is deployed, it is recommended to restrict network access to SOAP API endpoints exclusively to trusted IP addresses and monitor traffic directed to the UserService.

Who is affected

NCR Terminal Handler v.1.5.1

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Ncr Terminal Handler

    APP
    Ncr
    1.5.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2023-47297CRITICAL9.8PL ✓ten sam produkt

NCR Terminal Handler — manipulacja ustawieniami umożliwia wykonanie dowolnych poleceń

CVE-2023-47029CRITICAL9.8PL ✓ten sam produkt

RCE i wyciek danych w NCR Terminal Handler przez komponent UserService

CVE-2023-47031CRITICAL9.8PL ✓ten sam produkt

NCR Terminal Handler – privilege escalation przez SOAP API

CVE-2023-47032CRITICAL9.8PL ✓ten sam produkt

RCE w NCR Terminal Handler v.1.5.1 przez SOAP API

CVE-2023-47295CRITICAL9.8PL ✓ten sam produkt

CSV Injection w NCR Terminal Handler umożliwia wykonanie dowolnych poleceń