NCR Terminal Handler
cpe:2.3:a:ncr:terminal_handler:*:*:*:*:*:*:*
- 1.5.1
A CSV injection vulnerability exists in NCR Terminal Handler version 1.5.1, allowing attackers to execute arbitrary commands by injecting a crafted payload into any text field that accepts strings. The vulnerability can be exploited by logging in as an administrator, editing the terminal file configuration to include the payload, and then importing the file through the terminal import feature. Once the file is opened in Excel, the injected command will be executed.
Successful exploitation results in the injected commands being executed when the resulting CSV file is opened in Excel.
To reproduce this vulnerability, log in as an administrator and edit the terminal file configuration to include a CSV payload, such as a command to be executed. After saving the configuration, navigate to the terminal import section and import the modified file. The injected payload will be executed when the file is opened in Excel.
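A defensive check for this class of issue, as an added example that is not part of the original advisory or NCR's code: it flags cells that a spreadsheet would interpret as a formula and neutralizes them before the file is exported or accepted on import. The function names, column names and sample rows are assumptions constructed for illustration, and the sample uses a harmless arithmetic formula.

```python
import csv
import io
import re

# Leading characters that make Excel treat a cell as a formula
# (tab and carriage return are included because they can precede one).
FORMULA_LEAD = ("=", "+", "-", "@", "\t", "\r")
# Signed plain numbers such as -42 are legitimate data, not formulas.
PLAIN_NUMBER = re.compile(r"[+-]?\d+(\.\d+)?")

def is_formula_cell(value: str) -> bool:
    """True if a spreadsheet would evaluate this cell instead of showing it."""
    if PLAIN_NUMBER.fullmatch(value.strip()):
        return False
    return value.startswith(FORMULA_LEAD) or value.lstrip().startswith(FORMULA_LEAD)

def neutralize(value: str) -> str:
    """Prefix risky cells with an apostrophe so they render as literal text."""
    return "'" + value if is_formula_cell(value) else value

def audit_csv(text: str) -> list:
    """Return (row, column, value) for every risky cell, 1-indexed."""
    findings = []
    for r, row in enumerate(csv.reader(io.StringIO(text, newline="")), start=1):
        for c, cell in enumerate(row, start=1):
            if is_formula_cell(cell):
                findings.append((r, c, cell))
    return findings

def sanitize_csv(text: str) -> str:
    """Rewrite the CSV with every field quoted and risky cells neutralized."""
    out = io.StringIO(newline="")
    writer = csv.writer(out, quoting=csv.QUOTE_ALL, lineterminator="\n")
    for row in csv.reader(io.StringIO(text, newline="")):
        writer.writerow([neutralize(cell) for cell in row])
    return out.getvalue()

# Constructed sample terminal file; the column names are hypothetical.
SAMPLE = (
    "terminal_id,description,location\n"
    "T-001,Lobby unit,Building A\n"
    "T-002,=1+1,Building B\n"
    "T-003,-42,@floor2\n"
)

if __name__ == "__main__":
    for row, col, value in audit_csv(SAMPLE):
        print(f"row {row}, column {col}: {value!r}")
    print(sanitize_csv(SAMPLE), end="")
```

Rejecting the file on import when `audit_csv` returns findings is the stricter option; neutralizing on export changes the stored value by one character, which downstream consumers of the CSV need to tolerate.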