Unrated severityNVD Advisory· Published Feb 8, 2024· Updated Jun 10, 2025
CVE-2023-47020
CVE-2023-47020
Description
Multiple Cross-Site Request Forgery (CSRF) chaining in NCR Terminal Handler v.1.5.1 allows privileges to be escalated by an attacker through a crafted request involving user account creation and adding the user to an administrator group. This is exploited by an undisclosed function in the WSDL that lacks security controls and can accept custom content types.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: =1.5.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.