Remote Code Execution in NCR Terminal Handler Product by NCR
CVE-2023-47030

Currently unrated

Key Information:

Vendor: NCR
Status: NCR Terminal Handler
Vendor: CVE Published:; 23 June 2025

What is CVE-2023-47030?

NCR Terminal Handler version 1.5.1 is susceptible to a remote code execution flaw, which stems from an insecure implementation of the UserService SOAP API. An attacker can exploit this vulnerability by sending a crafted GET request, enabling them to execute arbitrary code and potentially access sensitive information on the server.

References

https://drive.google.com/file/d/1ujUcB8XEs78WwWzs8cmD-u1T...

https://github.com/pwahba/cve-research/blob/main/CVE-2023...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 23, 2025
Vulnerability Reserved
Oct 30, 2023