Ncr Terminal Handler

NCR Terminal Handler v1.5.1 CODE EXEC via SOAP UserService GET
CVE-2023-47030 - June 23, 2025

An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via a GET request to a UserService SOAP API endpoint to validate if a user exists.

NCR Terminal Handler 1.5.1 RCE via crafted POST to UserService
CVE-2023-47029 - June 23, 2025

An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted POST request to the UserService component

Privilege Escalation in NCR Terminal Handler 1.5.1 via grantRoles SOAP API
CVE-2023-47031 - June 23, 2025

An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to escalate privileges via a crafted POST request to the grantRolesToUsers, grantRolesToGroups, and grantRolesToOrganization SOAP API component.

CSV injection in NCR Terminal Handler v1.5.1 exec arbitrary commands
CVE-2023-47295 - June 23, 2025

A CSV injection vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands via injecting a crafted payload into any text field that accepts strings.

NCR Terminal Handler 1.5.1 RCE via UserService SOAP API
CVE-2023-47032 - June 23, 2025

Password Vulnerability in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code via a crafted script to the UserService SOAP API function.

NCR Terminal Handler 1.5.1: Authenticated Cookie Forgery Allows Account Deletion
CVE-2023-47294 - June 23, 2025

An issue in NCR Terminal Handler v1.5.1 allows low-level privileged authenticated attackers to arbitrarily deactivate, lock, and delete user accounts via a crafted session cookie.

NCR Terminal Handler 1.5.1 SOAP API User Enumeration (CVE-2023-47298)
CVE-2023-47298 - June 23, 2025

An issue in NCR Terminal Handler 1.5.1 allows a low-level privileged authenticated attacker to query the SOAP API endpoint to obtain information about all of the users of the application including their usernames, roles, security groups and account statuses.

Command Injection in NCR Terminal Handler 1.5.1 via Settings
CVE-2023-47297 - June 23, 2025

A settings manipulation vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands, including editing system security auditing configurations.

CSRF Chaining Privilege Escalation in NCR Terminal Handler v1.5.1 via WSDL
CVE-2023-47020 8.8 - High - February 08, 2024

Multiple Cross-Site Request Forgery (CSRF) chaining in NCR Terminal Handler v.1.5.1 allows privileges to be escalated by an attacker through a crafted request involving user account creation and adding the user to an administrator group. This is exploited by an undisclosed function in the WSDL that lacks security controls and can accept custom content types.

Session Riding

NCR Terminal Handler 1.5.1 IDOR: Unprivileged Edit Audit Logs (CSV inj)
CVE-2023-47022 6.5 - Medium - February 06, 2024

Insecure Direct Object Reference in NCR Terminal Handler v.1.5.1 allows an unprivileged user to edit the audit logs for any user and can lead to CSV injection.

Insecure Direct Object Reference / IDOR

NCR Terminal Handler v1.5.1 CSRF Enables 1-Click Account Takeover via Weak WSDL
CVE-2023-47024 8.8 - High - January 20, 2024

Cross-Site Request Forgery (CSRF) in NCR Terminal Handler v.1.5.1 leads to a one-click account takeover. This is achieved by exploiting multiple vulnerabilities, including an undisclosed function in the WSDL that has weak security controls and can accept custom content types.

Session Riding