VYPR

Command Center Agent

by Ncr

CVEs (1)

  • CVE-2021-3122Feb 7, 2021
    risk 0.10cvss epss 0.87

    CMCAgent in NCR Command Center Agent 16.3 on Aloha POS/BOH servers permits the submission of a runCommand parameter (within an XML document sent to port 8089) that enables the remote, unauthenticated execution of an arbitrary command as SYSTEM, as exploited in the wild in 2020…