Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via a GET request to a UserService SOAP API endpoint to validate if a user exists.
AnalysisAI
CVE-2023-47030 is a critical remote code execution vulnerability in NCR Terminal Handler v1.5.1 that allows unauthenticated attackers to execute arbitrary code and access sensitive information through improper input validation in the UserService SOAP API endpoint. The vulnerability affects point-of-sale and terminal systems used in retail and hospitality environments, enabling complete system compromise without authentication or user interaction.
Technical ContextAI
The vulnerability exists in NCR Terminal Handler's UserService SOAP API endpoint, which implements user existence validation via GET requests without proper input sanitization. The root cause is CWE-94 (Code Injection), indicating that user-supplied input from the GET request is directly interpreted as code without validation or encoding. SOAP (Simple Object Access Protocol) endpoints are common attack surfaces when they accept untrusted input for object manipulation. The vulnerable endpoint fails to properly sanitize parameters passed during user validation checks, allowing attackers to inject malicious code that executes within the terminal handler's security context. This is exacerbated by the SOAP framework's reliance on serialization/deserialization of complex objects, which can be exploited to instantiate arbitrary classes or execute functions.
More in Terminal Handler
View allCVE-2023-47029 is a critical remote code execution vulnerability in NCR Terminal Handler v1.5.1 that allows unauthentica
CVE-2023-47032 is a critical remote code execution vulnerability in NCR Terminal Handler v1.5.1 that allows unauthentica
CVE-2023-47031 is a critical privilege escalation vulnerability in NCR Terminal Handler v1.5.1 that allows unauthenticat
CVE-2023-47295 is a critical CSV injection vulnerability in NCR Terminal Handler v1.5.1 that allows unauthenticated remo
CVE-2023-47297 is a critical settings manipulation vulnerability in NCR Terminal Handler v1.5.1 that allows unauthentica
CVE-2023-47294 is a session cookie validation flaw in NCR Terminal Handler v1.5.1 that permits authenticated attackers w
An issue in NCR Terminal Handler 1.5.1 allows a low-level privileged authenticated attacker to query the SOAP API endpoi
Same weakness CWE-94 – Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2023-51186