Remote Code Execution Vulnerability in NCR ITM Web Terminal
CVE-2023-48978

Currently unrated

Key Information:

Vendor: NCR
Status: ITM Web Terminal
Vendor: CVE Published:; 23 June 2025

What is CVE-2023-48978?

A vulnerability exists in specific versions of NCR ITM Web Terminal that permits a remote attacker to execute arbitrary code. This can potentially occur through a crafted script targeting the IP camera URL component, putting systems at risk of unauthorized access and manipulation.

References

https://drive.google.com/file/d/13JrkDcVtcQFepeGoG8roBZ1x...

https://github.com/pwahba/cve-research/blob/main/CVE-2023...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 23, 2025
Vulnerability Reserved
Nov 20, 2023