CVE-2023-3656

cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by an unauthenticated remote code execution vulnerability. This vulnerability can be triggered by an HTTP endpoint exposed to the network.
References
Link Resource
https://doi.org/10.35011/ww2q-d522 Technical Description
https://www.cashit.at/ Product
https://doi.org/10.35011/ww2q-d522 Technical Description
https://www.cashit.at/ Product
Configurations

Configuration 1 (hide)

cpe:2.3:a:cashit:cashit\!:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:17

Type Values Removed Values Added
References () https://doi.org/10.35011/ww2q-d522 - Technical Description () https://doi.org/10.35011/ww2q-d522 - Technical Description
References () https://www.cashit.at/ - Product () https://www.cashit.at/ - Product

28 Dec 2023, 15:20

Type Values Removed Values Added
References (MISC) https://doi.org/10.35011/ww2q-d522 - (MISC) https://doi.org/10.35011/ww2q-d522 - Technical Description

02 Nov 2023, 10:15

Type Values Removed Values Added
References
  • (MISC) https://doi.org/10.35011/ww2q-d522 -

04 Oct 2023, 17:49

Type Values Removed Values Added
References (MISC) https://www.cashit.at/ - (MISC) https://www.cashit.at/ - Product
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
CWE CWE-94
First Time Cashit cashit\!
Cashit
CPE cpe:2.3:a:cashit:cashit\!:*:*:*:*:*:*:*:*

03 Oct 2023, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-10-03 08:15

Updated : 2024-11-21 08:17


NVD link : CVE-2023-3656

Mitre link : CVE-2023-3656

CVE.ORG link : CVE-2023-3656


JSON object : View

Products Affected

cashit

  • cashit\!
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')

CWE-749

Exposed Dangerous Method or Function