CVE-2023-3656

Summary

cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by an unauthenticated remote code execution vulnerability. This vulnerability can be triggered by an HTTP endpoint exposed to the network.

Affected Software

VendorProductVersion RangeStatus
PoS/ Dienstleistung, Entwicklung & Vertrieb GmbHcashIT! - serving solutions.0 <= 03.A06rksaffected

Weaknesses

  • CWE-749: CWE-749 Exposed Dangerous Method or Function
  • CWE-94: CWE-94 Improper Control of Generation of Code ('Code Injection')

ADP Enrichment

CVE Program Container

Additional References

References