CVE-2023-36143

HIGH

Maxprint Maxlink 1200G v3.4.11E - Command Injection

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2023-36143. PoCs published by RobinTrigon, leonardobg.

AI-analyzed exploit summary The repository contains a README describing an OS command injection vulnerability in Maxprint Maxlink 1200G v3.4.11E's Diagnostic tool. No exploit code or technical details are provided.

Description

Maxprint Maxlink 1200G v3.4.11E has an OS command injection vulnerability in the "Diagnostic tool" functionality of the device.

Exploits (2)

nomisec WRITEUP

by RobinTrigon · poc

https://github.com/RobinTrigon/CVE-2023-36143

View Code ZIP pw:eip

The repository contains a README describing an OS command injection vulnerability in Maxprint Maxlink 1200G v3.4.11E's Diagnostic tool. No exploit code or technical details are provided.

Classification

Writeup 50%

Attack Type

Rce

Complexity

Theoretical

Reliability

Theoretical

Target: Maxprint Maxlink 1200G v3.4.11E

No auth needed

Prerequisites: Access to the Diagnostic tool functionality

MITRE ATT&CK

T1202 - Indirect Command Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WORKING POC

by leonardobg · poc

https://github.com/leonardobg/CVE-2023-36143

View Code ZIP pw:eip

This PoC demonstrates a command injection vulnerability in Maxprint Maxlink 1200G v3.4.11E via the diagnostic tool. The attacker can inject arbitrary commands using the semicolon character after an IP address.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Maxprint Maxlink 1200G v3.4.11E

Auth required

Prerequisites: Access to the web interface · Valid credentials for authentication

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1202 - Indirect Command Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Not Applicable

http://maxlink.com

Exploit, Third Party Advisory

https://github.com/leonardobg/CVE-2023-36143

Scores

CVSS v3 8.8

EPSS 0.0244

EPSS Percentile 82.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-78

Status published

Products (1)

maxprintisp/maxlink_1200g_firmware 3.4.11e

Published Jun 30, 2023

Tracked Since Feb 18, 2026