Origin Bypass Vulnerability in cashIT! Devices

Origin Bypass Vulnerability in cashIT! Devices

CVE-2023-3654 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by a origin bypass via the host header in an HTTP request. This vulnerability can be triggered by an HTTP endpoint exposed to the network.

Learn more about our Network Penetration Testing.