Terminal Handler
Monthly
CVE-2023-47030 is a critical remote code execution vulnerability in NCR Terminal Handler v1.5.1 that allows unauthenticated attackers to execute arbitrary code and access sensitive information through improper input validation in the UserService SOAP API endpoint. The vulnerability affects point-of-sale and terminal systems used in retail and hospitality environments, enabling complete system compromise without authentication or user interaction.
CVE-2023-47029 is a critical remote code execution vulnerability in NCR Terminal Handler v1.5.1 that allows unauthenticated attackers to execute arbitrary code and exfiltrate sensitive information through a crafted POST request to the UserService component. With a CVSS score of 9.8 and network-based attack vector requiring no privileges or user interaction, this vulnerability poses an immediate threat to NCR point-of-sale and payment terminal environments. The vulnerability's status as actively exploited (KEV designation) and the existence of public proof-of-concept code indicate high real-world exploitation risk.
CVE-2023-47031 is a critical privilege escalation vulnerability in NCR Terminal Handler v1.5.1 that allows unauthenticated remote attackers to gain administrative privileges by crafting malicious POST requests to SOAP API endpoints (grantRolesToUsers, grantRolesToGroups, grantRolesToOrganization). With a CVSS score of 9.8 and attack vector requiring no authentication or user interaction, this vulnerability poses an immediate threat to exposed NCR Terminal Handler installations. The vulnerability has been confirmed with public disclosure and is listed in CISA's Known Exploited Vulnerabilities catalog, indicating active exploitation in the wild.
CVE-2023-47295 is a critical CSV injection vulnerability in NCR Terminal Handler v1.5.1 that allows unauthenticated remote attackers to execute arbitrary commands through crafted payloads injected into any text input field. The vulnerability has a CVSS 9.8 score indicating maximum severity due to network accessibility, no authentication requirements, and complete system compromise potential (confidentiality, integrity, and availability impact). This represents a direct remote code execution risk affecting payment terminal infrastructure.
CVE-2023-47294 is a session cookie validation flaw in NCR Terminal Handler v1.5.1 that permits authenticated attackers with low privileges to craft malicious session cookies to arbitrarily deactivate, lock, and delete user accounts, resulting in high integrity and availability impact. This vulnerability has a CVSS 8.1 score (High severity) and affects NCR's point-of-sale and terminal management infrastructure; while no public POC or active KEV listing is confirmed from the provided data, the network-accessible nature (AV:N) and low attack complexity (AC:L) make this a material risk for organizations deploying this terminal handler in production environments.
CVE-2023-47032 is a critical remote code execution vulnerability in NCR Terminal Handler v1.5.1 that allows unauthenticated attackers to execute arbitrary code by sending malicious scripts to the UserService SOAP API endpoint. The vulnerability affects NCR's point-of-sale terminal handler software and carries a CVSS score of 9.8 (critical severity). There is no indication of active exploitation in the wild, but the network-accessible SOAP API, lack of authentication requirements, and high-severity CWE-94 (Improper Control of Generation of Code) suggest this poses significant risk to NCR terminal deployments.
An issue in NCR Terminal Handler 1.5.1 allows a low-level privileged authenticated attacker to query the SOAP API endpoint to obtain information about all of the users of the application including their usernames, roles, security groups and account statuses.
CVE-2023-47297 is a critical settings manipulation vulnerability in NCR Terminal Handler v1.5.1 that allows unauthenticated remote attackers to execute arbitrary commands and modify system security auditing configurations without authentication. With a CVSS score of 9.8 and network-accessible attack vector, this vulnerability poses an immediate threat to NCR terminal deployments in retail and financial environments. The vulnerability's presence in point-of-sale systems and payment terminals makes it particularly dangerous for organizations processing financial transactions.
CVE-2023-47030 is a critical remote code execution vulnerability in NCR Terminal Handler v1.5.1 that allows unauthenticated attackers to execute arbitrary code and access sensitive information through improper input validation in the UserService SOAP API endpoint. The vulnerability affects point-of-sale and terminal systems used in retail and hospitality environments, enabling complete system compromise without authentication or user interaction.
CVE-2023-47029 is a critical remote code execution vulnerability in NCR Terminal Handler v1.5.1 that allows unauthenticated attackers to execute arbitrary code and exfiltrate sensitive information through a crafted POST request to the UserService component. With a CVSS score of 9.8 and network-based attack vector requiring no privileges or user interaction, this vulnerability poses an immediate threat to NCR point-of-sale and payment terminal environments. The vulnerability's status as actively exploited (KEV designation) and the existence of public proof-of-concept code indicate high real-world exploitation risk.
CVE-2023-47031 is a critical privilege escalation vulnerability in NCR Terminal Handler v1.5.1 that allows unauthenticated remote attackers to gain administrative privileges by crafting malicious POST requests to SOAP API endpoints (grantRolesToUsers, grantRolesToGroups, grantRolesToOrganization). With a CVSS score of 9.8 and attack vector requiring no authentication or user interaction, this vulnerability poses an immediate threat to exposed NCR Terminal Handler installations. The vulnerability has been confirmed with public disclosure and is listed in CISA's Known Exploited Vulnerabilities catalog, indicating active exploitation in the wild.
CVE-2023-47295 is a critical CSV injection vulnerability in NCR Terminal Handler v1.5.1 that allows unauthenticated remote attackers to execute arbitrary commands through crafted payloads injected into any text input field. The vulnerability has a CVSS 9.8 score indicating maximum severity due to network accessibility, no authentication requirements, and complete system compromise potential (confidentiality, integrity, and availability impact). This represents a direct remote code execution risk affecting payment terminal infrastructure.
CVE-2023-47294 is a session cookie validation flaw in NCR Terminal Handler v1.5.1 that permits authenticated attackers with low privileges to craft malicious session cookies to arbitrarily deactivate, lock, and delete user accounts, resulting in high integrity and availability impact. This vulnerability has a CVSS 8.1 score (High severity) and affects NCR's point-of-sale and terminal management infrastructure; while no public POC or active KEV listing is confirmed from the provided data, the network-accessible nature (AV:N) and low attack complexity (AC:L) make this a material risk for organizations deploying this terminal handler in production environments.
CVE-2023-47032 is a critical remote code execution vulnerability in NCR Terminal Handler v1.5.1 that allows unauthenticated attackers to execute arbitrary code by sending malicious scripts to the UserService SOAP API endpoint. The vulnerability affects NCR's point-of-sale terminal handler software and carries a CVSS score of 9.8 (critical severity). There is no indication of active exploitation in the wild, but the network-accessible SOAP API, lack of authentication requirements, and high-severity CWE-94 (Improper Control of Generation of Code) suggest this poses significant risk to NCR terminal deployments.
An issue in NCR Terminal Handler 1.5.1 allows a low-level privileged authenticated attacker to query the SOAP API endpoint to obtain information about all of the users of the application including their usernames, roles, security groups and account statuses.
CVE-2023-47297 is a critical settings manipulation vulnerability in NCR Terminal Handler v1.5.1 that allows unauthenticated remote attackers to execute arbitrary commands and modify system security auditing configurations without authentication. With a CVSS score of 9.8 and network-accessible attack vector, this vulnerability poses an immediate threat to NCR terminal deployments in retail and financial environments. The vulnerability's presence in point-of-sale systems and payment terminals makes it particularly dangerous for organizations processing financial transactions.