Product:

Terminal_handler

(Ncr)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 7
Date Id Summary Products Score Patch Annotated
2025-06-23 CVE-2023-47297 A settings manipulation vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands, including editing system security auditing configurations. Terminal_handler N/A
2025-06-23 CVE-2023-47298 An issue in NCR Terminal Handler 1.5.1 allows a low-level privileged authenticated attacker to query the SOAP API endpoint to obtain information about all of the users of the application including their usernames, roles, security groups and account statuses. Terminal_handler N/A
2025-06-23 CVE-2023-47032 Password Vulnerability in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code via a crafted script to the UserService SOAP API function. Terminal_handler N/A
2025-06-23 CVE-2023-47295 A CSV injection vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands via injecting a crafted payload into any text field that accepts strings. Terminal_handler N/A
2025-06-23 CVE-2023-47031 An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to escalate privileges via a crafted POST request to the grantRolesToUsers, grantRolesToGroups, and grantRolesToOrganization SOAP API component. Terminal_handler N/A
2025-06-23 CVE-2023-47030 An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via a GET request to a UserService SOAP API endpoint to validate if a user exists. Terminal_handler N/A
2024-02-06 CVE-2023-47022 Insecure Direct Object Reference in NCR Terminal Handler v.1.5.1 allows an unprivileged user to edit the audit logs for any user and can lead to CSV injection. Terminal_handler 6.5