CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-2571

Iris 3.8 before build 1548, as used in Xpient point of sale (POS) systems, allows remote attackers to execute arbitrary commands via a crafted request to TCP port 7510, as demonstrated by opening the cash drawer.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.621

EPSS Ranking 98.2%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

http://www.exploit-db.com/exploits/25987
http://www.securityfocus.com/bid/60359
https://exchange.xforce.ibmcloud.com/vulnerabilities/84761
https://packetstormsecurity.com/files/121917/Xpient-POS-Iris-3.8-Cash-Drawer-Operation-Remote-Trigger.html
http://www.exploit-db.com/exploits/25987
http://www.securityfocus.com/bid/60359
https://exchange.xforce.ibmcloud.com/vulnerabilities/84761
https://packetstormsecurity.com/files/121917/Xpient-POS-Iris-3.8-Cash-Drawer-Operation-Remote-Trigger.html

Products affected by CVE-2013-2571

Hcomm » Xpient Iris » Version: N/A

cpe:2.3:a:hcomm:xpient_iris:-
Hcomm » Xpient Iris » Version: 3.8

cpe:2.3:a:hcomm:xpient_iris:3.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-2571

Products

Pricing

Contact Us