CVE STALKER

CVE-2021-3122

CVSS
DESCRIPTIONCMCAgent in NCR Command Center Agent 16.3 on Aloha POS/BOH servers permits the submission of a runCommand parameter (within an XML document sent to port 8089) that enables the remote, unauthenticated execution of an arbitrary command as SYSTEM, as exploited in the wild in 2020 and/or 2021. NOTE: the vendor's position is that exploitation occurs only on devices with a certain "misconfiguration."
HEAT SCORE83

WORDS

TWEETS

DATE TWEETS USER
2021-09-14 03:30:41CVE-2021-3122 | How We Caught a Threat Actor Exploiting NCR POS Zero Day https://t.co/v5lN2j96Vr… #Pentesting… https://t.co/JTTBi923Jz http://sentinelone.com/blog/cve-2021- https://twitter.com/i/web/status/1437619522056359936infinityABCDE
2021-09-13 08:30:33CVE-2021-3122 | How We Caught a Threat Actor Exploiting NCR POS Zero Day https://t.co/r9CsUA7MtZ #exploit #actor… https://t.co/N5rSHi6fsL https://www.sentinelone.com/blog/cve-2021-3122-how-we-caught-a-threat-actor-exploiting-ncr-pos-zero-day/ https://twitter.com/i/web/status/1437330764337721345MaltrakN
2021-08-20 18:50:05CVE-2021-3122 | How We Caught a Threat Actor Exploiting NCR POS Zero Day https://t.co/r9CsUA7MtZ #exploit #actor… https://t.co/cTxy1FYTLP https://www.sentinelone.com/blog/cve-2021-3122-how-we-caught-a-threat-actor-exploiting-ncr-pos-zero-day/ https://twitter.com/i/web/status/1428790798695518210MaltrakN
2021-08-13 06:10:04CVE-2021-3122 | How We Caught a Threat Actor Exploiting NCR POS Zero Day https://t.co/HU7bs0MQUA https://www.sentinelone.com/blog/cve-2021-3122-how-we-caught-a-threat-actor-exploiting-ncr-pos-zero-day/reverseame
2021-08-11 18:00:12CVE-2021-3122 | How We Caught a Threat Actor Exploiting NCR POS Zero Day https://t.co/r9CsUA7MtZ #exploit #actor #MalwareAnalysis #security https://www.sentinelone.com/blog/cve-2021-3122-how-we-caught-a-threat-actor-exploiting-ncr-pos-zero-day/MaltrakN
2021-08-02 00:40:06CVE-2021-3122 | How We Caught a Threat Actor Exploiting NCR POS Zero Day - SentinelOne https://t.co/yd8HZdLOGH https://www.sentinelone.com/blog/cve-2021-3122-how-we-caught-a-threat-actor-exploiting-ncr-pos-zero-day/MathWebEntry
2021-08-01 20:50:03CVE-2021-3122 | How We Caught a Threat Actor Exploiting NCR POS Zero Day https://t.co/l6SiT91JSL #exploit #actor… https://t.co/fI2zviwmVJ https://malware.news/t/cve-2021-3122-how-we-caught-a-threat-actor-exploiting-ncr-pos-zero-day/51242 https://twitter.com/i/web/status/1421935116843200512MaltrakN
2021-08-01 20:20:04CVE-2021-3122 | How We Caught a Threat Actor Exploiting NCR POS Zero Day https://t.co/r9CsUA7MtZ #exploit #actor #infosec #MalwareAnalysis https://www.sentinelone.com/blog/cve-2021-3122-how-we-caught-a-threat-actor-exploiting-ncr-pos-zero-day/MaltrakN
2021-07-30 16:20:03CVE-2021-3122 | How @SentinelOne Caught a Threat Actor Exploiting NCR POS Zero Day https://t.co/pleD08TwO3 https://s1.ai/wkmwmRgigasheet
2021-07-26 01:30:03Nice write up about a case I worked, guest post by my Colleague Kyle! CVE-2021-3122 | How We Caught a Threat Actor… https://t.co/Sy1ufvaF66 https://twitter.com/i/web/status/14194680441836871684r3n5ic
2021-07-25 16:10:08CVE-2021-3122 | How We Caught a Threat Actor Exploiting NCR POS Zero Day https://t.co/saqwNd7PX4 #Pentesting… https://t.co/0VrZRtRiyl https://www.sentinelone.com/blog/cve-2021-3122-how-we-caught-a-threat-actor-exploiting-ncr-pos-zero-day/ https://twitter.com/i/web/status/1419327882552356866Anastasis_King
2021-07-25 12:50:05CVE-2021-3122 | How We Caught a Threat Actor Exploiting NCR POS Zero Day - SentinelOne https://t.co/E9mYTpaMlD https://www.sentinelone.com/blog/cve-2021-3122-how-we-caught-a-threat-actor-exploiting-ncr-pos-zero-day/Securityblog
2021-07-25 04:30:03CVE-2021-3122 | How We Caught a Threat Actor Exploiting NCR POS Zero Day https://t.co/p3mbC6gNxZ https://www.sentinelone.com/blog/cve-2021-3122-how-we-caught-a-threat-actor-exploiting-ncr-pos-zero-day/Cyber_O51NT
2021-07-24 13:20:12CVE-2021-3122 | How We Caught a Threat Actor Exploiting #NCR #POS Zero Day https://t.co/odSNhseAOY https://s1.ai/wkmwmRgrant_consultin
2021-07-24 05:00:04CVE-2021-3122 | How We Caught a Threat Actor Exploiting NCR POS Zero Day https://t.co/9hd0VC7lX4 #Pentesting #CVE… https://t.co/mi6Rly5ga4 https://www.sentinelone.com/blog/cve-2021-3122-how-we-caught-a-threat-actor-exploiting-ncr-pos-zero-day/ https://twitter.com/i/web/status/1418796756146532356ptracesecurity
2021-07-23 19:00:05CVE-2021-3122 | How We Caught a Threat Actor Exploiting NCR POS Zero Day https://t.co/ZqasbjpxTk https://s1.ai/wkmwmRfaisal_asif
2021-07-23 18:40:31CVE-2021-3122 | How We Caught a Threat Actor Exploiting NCR POS Zero Day https://t.co/e7pEqxbAcw https://s1.ai/wkmwmRGutmanYotam
2021-07-23 15:50:04CVE-2021-3122 | How We Caught a Threat Actor Exploiting NCR POS Zero Day – SentinelOne https://t.co/vZjnVLm6sE https://aeternusmalus.wordpress.com/2021/07/23/cve-2021-3122-how-we-caught-a-threat-actor-exploiting-ncr-pos-zero-day-sentinelone-2/d34dr4bbit
2021-07-22 21:30:11CVE-2021-3122 | How We Caught a Threat Actor Exploiting NCR POS Zero Day – SentinelOne https://t.co/z6bQAOBaiq https://aeternusmalus.wordpress.com/2021/07/22/cve-2021-3122-how-we-caught-a-threat-actor-exploiting-ncr-pos-zero-day-sentinelone/d34dr4bbit
2021-07-22 20:40:09CVE-2021-3122 | How We Caught a Threat Actor Exploiting NCR POS Zero Day https://t.co/28aFRJnWGu https://s1.ai/wkmwmRsarmentots
2021-07-22 20:30:12CVE-2021-3122 | How We Caught a Threat Actor Exploiting NCR POS Zero Day https://t.co/rRsbRjPpkk https://www.sentinelone.com/blog/cve-2021-3122-how-we-caught-a-threat-actor-exploiting-ncr-pos-zero-day/Dinosn
2021-07-22 18:50:12CVE-2021-3122 | How We Caught a Threat Actor Exploiting NCR POS Zero Day https://t.co/l6SiT91JSL #exploit #actor #infosec #security https://malware.news/t/cve-2021-3122-how-we-caught-a-threat-actor-exploiting-ncr-pos-zero-day/51242MaltrakN
2021-07-22 17:40:09https://t.co/vPPO0ssy3c CVE-2021-3122 | How We Caught a Threat Actor Exploiting NCR POS Zero Day - SentinelOne #cybersecurity https://www.sentinelone.com/blog/cve-2021-3122-how-we-caught-a-threat-actor-exploiting-ncr-pos-zero-day/netsecu
2021-07-22 16:40:37CVE-2021-3122 | How We Caught a Threat Actor Exploiting NCR POS Zero Day https://t.co/MqI8sX8Uqq https://bit.ly/3iDQtNjpigram86
2021-07-22 16:40:25CVE-2021-3122 | How We Caught a Threat Actor Exploiting NCR POS Zero Day https://t.co/r9CsUA7MtZ #exploit #actor #security https://www.sentinelone.com/blog/cve-2021-3122-how-we-caught-a-threat-actor-exploiting-ncr-pos-zero-day/MaltrakN
2021-02-10 13:30:30New post from https://t.co/9KYxtdZjkl (CVE-2021-3122 (command_center_agent)) has been published on https://t.co/vHE8CAvVIj http://www.sesin.at https://www.sesin.at/2021/02/10/cve-2021-3122-command_center_agent/www_sesin_at
2021-02-10 13:20:04New post from https://t.co/uXvPWJy6tj (CVE-2021-3122 (command_center_agent)) has been published on https://t.co/0hEKIfQ6M4 http://www.sesin.at https://www.sesin.at/2021/02/10/cve-2021-3122-command_center_agent/WolfgangSesin
2021-02-09 18:21:04🚨 NEW: CVE-2021-3122 🚨 CMCAgent in NCR Command Center Agent 16.3 on Aloha POS/BOH servers permits the submission of… https://t.co/h0EYXu31jR https://twitter.com/i/web/status/1359205197449465863threatintelctr
2021-02-08 11:50:04🚨 NEW: CVE-2021-3122 🚨 CMCAgent in NCR Command Center Agent 16.3 on Aloha POS/BOH servers permits the submission of… https://t.co/KibqMUgZsB https://twitter.com/i/web/status/1358744662165622786threatintelctr
2021-02-08 08:20:05🚨 NEW: CVE-2021-3122 🚨 CMCAgent in NCR Command Center Agent 16.3 on Aloha POS/BOH servers permits the submission of… https://t.co/KPNlw7IfMQ https://twitter.com/i/web/status/1358691813708754946threatintelctr
2021-02-08 00:30:04CVE-2021-3122 https://t.co/QLWa9Q5Ls6 http://dlvr.it/RsDCm70_exploit
2021-02-07 23:40:04Hi, I'm CVE-2021-3122. I was never good with numbers though, so you can call me Busted Ball https://t.co/5ZjHhuOewT https://nvd.nist.gov/vuln/detail/CVE-2021-3122vulnonym
2021-02-07 22:10:06CVE-2021-3122 CMCAgent in NCR Command Center Agent 16.3 on Aloha POS/BOH servers permits the submission of a runCo… https://t.co/gtj58gNSp4 https://twitter.com/i/web/status/1358536759395700736VulmonFeeds
2021-02-07 22:10:04CVE Liste write "CVE-2021-3122" See full original article: https://t.co/I1saPcejMw All our feeds: https://t.co/EOLcNJGCHf https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3122 https://secnews.physaphae.frInfoSecPhysa
2021-02-07 21:40:09CVE-2021-3122 CMCAgent in NCR Command Center Agent 16.3 on Aloha POS/BOH servers permits the submission of a runCom… https://t.co/wczQ9OvPwC https://twitter.com/i/web/status/1358529130501988361eyeTSystems
2021-02-07 21:40:06New post from https://t.co/uXvPWJy6tj (CVE-2021-3122) has been published on https://t.co/jFqJOW8fiJ http://www.sesin.at https://www.sesin.at/2021/02/07/cve-2021-3122/WolfgangSesin
2021-02-07 21:40:06New post from https://t.co/9KYxtdZjkl (CVE-2021-3122) has been published on https://t.co/6xxo9788Zk http://www.sesin.at https://www.sesin.at/2021/02/07/cve-2021-3122/www_sesin_at
2021-02-07 20:50:05CVE-2021-3122 CMCAgent in NCR Command Center Agent 16.3 on Aloha POS/BOH servers permits the submission of a runCom… https://t.co/6jbMsm4Ldk https://twitter.com/i/web/status/1358517244091891726CVEnew
2021-02-07 20:20:06🚨 NEW: CVE-2021-3122 🚨 CMCAgent in NCR Command Center Agent 16.3 on Aloha POS/BOH servers permits the submission of… https://t.co/cfLt355pW6 https://twitter.com/i/web/status/1358510619205451779threatintelctr