admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-06-20 18:00:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create Honeywell_PM43_loadfile.lp_file_command_execution_vulnerability.md

Browse Source
This commit is contained in:
Goby 2023-10-17 21:39:16 +08:00 committed by GitHub
parent f77231346f
commit e7000d51a6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
Honeywell_PM43_loadfile.lp_file_command_execution_vulnerability.md Normal file
View File

@ -0,0 +1,12 @@
## Honeywell PM43 loadfile.lp file command execution vulnerability (CVE-2023-3710)
| **Vulnerability** | Honeywell PM43 loadfile.lp file command execution vulnerability (CVE-2023-3710) |
| :----: | :-----|
| **Chinese name** | Honeywell PM43 loadfile.lp 文件命令执行漏洞CVE-2023-3710 |
| **CVSS core** | 9.8 |
| **FOFA Query** (click to view the results directly)| [app="Honeywell PM43 "](https://en.fofa.info/result?qbase64=aGVhZGVyPSJQTTQzIiB8fCBiYW5uZXI9IlBNNDMiIHx8IHRpdGxlPSJQTTQzIiB8fCBib2R5PSIvbWFpbi9sb2dpbi5sdWE%2FcGFnZWlkPUNvbmZpZ3VyZSI%3D)|
| **Number of assets affected** | 96 |
| **Description** | The Honeywell PM43 is a printer product of the American company Honeywell.Honeywell PM43P10.19.050004 and earlier versions of the input verification error vulnerability, attackers can arbitrarily execute code on the server side, write a backdoor, obtain server permissions, and then control the entire web server. |
| **Impact** | Honeywell PM43P10.19.050004 and earlier versions of the input verification error vulnerability, attackers can arbitrarily execute code on the server side, write a backdoor, obtain server permissions, and then control the entire web server. |
![](https://s3.bmp.ovh/imgs/2023/10/17/ff602decce69f83b.gif)