CNNVD-202506-2949 Information

CNNVD ID

CNNVD-202506-2949

Related CVE

CVE-2023-48978

• CNNVD Published: 2025-06-23

Description (Chinese)

NCR Atleos ITM Web terminal是美国NCR Atleos公司的一款网页终端。 NCR Atleos ITM Web terminal 4.4.0和4.4.4版本存在安全漏洞，该漏洞源于IP camera URL组件对特制脚本处理不当，可能导致执行任意代码。

Description (English)

NCR Atleos ITM Web multilateral is a web-based terminal for NCR Atleos in the United States. NCR Atleos ITM Web technical 4.4.0 and 4.4.4 have a security loophole, which stems from the inappropriate handling of specially made scripts by IP camera URL components, which may lead to the implementation of arbitrary codes.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Ncvav

Published

2025-06-23

Last Modified

2026-02-24

References

https://drive.google.com/file/d/13JrkDcVtcQFepeGoG8roBZ1xFy7iBx1R/view?usp=sharing https://github.com/pwahba/cve-research/blob/main/CVE-2023-48978/CVE-2023-48978.md https://access.redhat.com/security/cve/cve-2023-48978