PT-2025-26611 · Ncr · Ncr Terminal Handler
Published
2025-06-23
·
Updated
2025-06-28
·
CVE-2023-47295
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
NCR Terminal Handler version 1.5.1
Description:
A CSV injection issue allows attackers to execute arbitrary commands by injecting a crafted payload into any text field that accepts strings.
Recommendations:
For NCR Terminal Handler version 1.5.1, consider restricting input to text fields to prevent the injection of malicious payloads until a patch is available.
Exploit
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ncr Terminal Handler