Password Vulnerability in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code via a crafted script to the UserService SOAP API function.
The vulnerability classified as CWE-94 (Code Injection) affects the UserService function in the SOAP API interface of the NCR Terminal Handler application. An attacker sends a specially crafted script to the aforementioned API function, resulting in execution of the supplied code on the server side. No permissions or user interaction are required to conduct the attack, and the attack is executed remotely over the network.
An attacker can gain full control over the system, obtaining unauthorized access to data, ability to modify the system, and potential disruption of its operation.
Patches available from the manufacturer should be applied according to references. It is also recommended to restrict network access to the SOAP API interface only to trusted hosts and monitor traffic directed to the UserService endpoint.
NCR Terminal Handler version 1.5.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HNcr Terminal Handler
APPNcr1.5.1
Related vulnerabilities
NCR Terminal Handler — manipulacja ustawieniami umożliwia wykonanie dowolnych poleceń
RCE i wyciek danych w NCR Terminal Handler przez komponent UserService
RCE w NCR Terminal Handler via SOAP API — nieuwierzytelniony dostęp zdalny
NCR Terminal Handler – privilege escalation przez SOAP API
CSV Injection w NCR Terminal Handler umożliwia wykonanie dowolnych poleceń