GobyVuls/Honeywell_PM43_loadfile.lp_file_command_execution_vulnerability.md

## Honeywell PM43 loadfile.lp file command execution vulnerability (CVE-2023-3710)

|   **Vulnerability**  | Honeywell PM43 loadfile.lp file command execution vulnerability (CVE-2023-3710)  |
| :----:   | :-----|
|  **Chinese name**  | Honeywell PM43 loadfile.lp 文件命令执行漏洞（CVE-2023-3710）	 |
| **CVSS core**  | 	9.8 |
| **FOFA Query**  (click to view the results directly)| [app="Honeywell PM43 "](https://en.fofa.info/result?qbase64=aGVhZGVyPSJQTTQzIiB8fCBiYW5uZXI9IlBNNDMiIHx8IHRpdGxlPSJQTTQzIiB8fCBib2R5PSIvbWFpbi9sb2dpbi5sdWE%2FcGFnZWlkPUNvbmZpZ3VyZSI%3D)|
| **Number of assets affected**  | 96 |
| **Description**  | 	The Honeywell PM43 is a printer product of the American company Honeywell.Honeywell PM43P10.19.050004 and earlier versions of the input verification error vulnerability, attackers can arbitrarily execute code on the server side, write a backdoor, obtain server permissions, and then control the entire web server. |
| **Impact** | 	Honeywell PM43P10.19.050004 and earlier versions of the input verification error vulnerability, attackers can arbitrarily execute code on the server side, write a backdoor, obtain server permissions, and then control the entire web server. |

![](https://s3.bmp.ovh/imgs/2023/10/17/ff602decce69f83b.gif)