exploitDog

CVE-2023-47030

Опубликовано: 23 июн. 2025

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via a GET request to a UserService SOAP API endpoint to validate if a user exists.

Ссылки

https://drive.google.com/file/d/1ujUcB8XEs78WwWzs8cmD-u1Twqi10yEh/view?usp=sharing
Permissions Required
https://github.com/pwahba/cve-research/blob/main/CVE-2023-47030/CVE-2023-47030.md
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ncr:terminal_handler:1.5.1:*:*:*:*:*:*:*

EPSS

Процентиль: 68%

0.00578

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-94

Связанные уязвимости

GHSA-xhqf-m659-g445

github

8 месяцев назад

An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via a GET request to a UserService SOAP API endpoint to validate if a user exists.

EPSS

Процентиль: 68%

0.00578

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-94