Cross-Site Request Forgery (CSRF) in NCR Terminal Handler v.1.5.1 leads to a one-click account takeover. This is achieved by exploiting multiple vulnerabilities, including an undisclosed function in the WSDL that has weak security controls and can accept custom content types.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ncratleos terminal handler 1.5.1 |