CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47030
https://notcve.org/view.php?id=CVE-2023-47030
23 Jun 2025 — An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via a GET request to a UserService SOAP API endpoint to validate if a user exists. • https://drive.google.com/file/d/1ujUcB8XEs78WwWzs8cmD-u1Twqi10yEh/view?usp=sharing • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47031
https://notcve.org/view.php?id=CVE-2023-47031
23 Jun 2025 — An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to escalate privileges via a crafted POST request to the grantRolesToUsers, grantRolesToGroups, and grantRolesToOrganization SOAP API component. • http://ncr.com • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47032
https://notcve.org/view.php?id=CVE-2023-47032
23 Jun 2025 — Password Vulnerability in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code via a crafted script to the UserService SOAP API function. • https://drive.google.com/file/d/1rTKc2nxEc40VTItJiJ9moZ5VrHG3xQuj/view?usp=sharing • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47295
https://notcve.org/view.php?id=CVE-2023-47295
23 Jun 2025 — A CSV injection vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands via injecting a crafted payload into any text field that accepts strings. • https://drive.google.com/file/d/14uldfUpLRIc-NfHiUco0ja-ZiF0MazGA/view?usp=sharing • CWE-1236: Improper Neutralization of Formula Elements in a CSV File •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47297
https://notcve.org/view.php?id=CVE-2023-47297
23 Jun 2025 — A settings manipulation vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands, including editing system security auditing configurations. • https://drive.google.com/file/d/1YzoJ2QuI9LEEpF8r5ZiCdTQtR9hfsXl7/view?usp=sharing • CWE-284: Improper Access Control •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47298
https://notcve.org/view.php?id=CVE-2023-47298
23 Jun 2025 — An issue in NCR Terminal Handler 1.5.1 allows a low-level privileged authenticated attacker to query the SOAP API endpoint to obtain information about all of the users of the application including their usernames, roles, security groups and account statuses. • https://drive.google.com/file/d/1-BDd0ycuYhuxo-lg4th-Cswimoqqzkot/view?usp=sharing • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47022
https://notcve.org/view.php?id=CVE-2023-47022
06 Feb 2024 — Insecure Direct Object Reference in NCR Terminal Handler v.1.5.1 allows an unprivileged user to edit the audit logs for any user and can lead to CSV injection. Un problema en NCR Terminal Handler v.1.5.1 permite a un atacante remoto ejecutar código arbitrario a través de un script manipulado en el parámetro payload. • https://github.com/Patrick0x41/Security-Advisories/tree/main/CVE-2023-47022 • CWE-639: Authorization Bypass Through User-Controlled Key CWE-1236: Improper Neutralization of Formula Elements in a CSV File •
CVSS: 10.0EPSS: 12%CPEs: 1EXPL: 1CVE-2021-3122
https://notcve.org/view.php?id=CVE-2021-3122
07 Feb 2021 — CMCAgent in NCR Command Center Agent 16.3 on Aloha POS/BOH servers permits the submission of a runCommand parameter (within an XML document sent to port 8089) that enables the remote, unauthenticated execution of an arbitrary command as SYSTEM, as exploited in the wild in 2020 and/or 2021. NOTE: the vendor's position is that exploitation occurs only on devices with a certain "misconfiguration." CMCAgent en el NCR Command Center Agent versión 16.3, en los servidores Aloha POS/BOH permite el envío de un parám... • https://github.com/acquiredsecurity/CVE-2021-3122-Details • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 1CVE-2020-9063
https://notcve.org/view.php?id=CVE-2020-9063
21 Aug 2020 — NCR SelfServ ATMs running APTRA XFS 05.01.00 or earlier do not authenticate or protect the integrity of USB HID communications between the currency dispenser and the host computer, permitting an attacker with physical access to internal ATM components the ability to inject a malicious payload and execute arbitrary code with SYSTEM privileges on the host computer by causing a buffer overflow on the host. Los Cajeros Automáticos NCR SelfServ que ejecutan APTRA XFS versiones 05.01.00 o anteriores, no autentica... • https://kb.cert.org/vuls/id/116713 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2020-10126
https://notcve.org/view.php?id=CVE-2020-10126
21 Aug 2020 — NCR SelfServ ATMs running APTRA XFS 05.01.00 do not properly validate softare updates for the bunch note acceptor (BNA), enabling an attacker with physical access to internal ATM components to restart the host computer and execute arbitrary code with SYSTEM privileges because while booting, the update process looks for CAB archives on removable media and executes a specific file without first validating the signature of the CAB archive. Los Cajeros Automáticos NCR SelfServ que ejecutan APTRA XFS versión 05.... • https://kb.cert.org/vuls/id/815655 • CWE-305: Authentication Bypass by Primary Weakness CWE-347: Improper Verification of Cryptographic Signature •