CVE-2023-3710

CRITICAL EXPLOITED NUCLEI

Honeywell PM43 Firmware < P10.19.050004 - Command Injection via Printer Web Page Modules


Exploitation Summary

CVE-2023-3710 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 2 public exploits, from researchers ByteHunter and dyeat. A Nuclei detection template is also available.

AI-analyzed exploit summary: This exploit leverages a command injection vulnerability in Honeywell PM43 printers by injecting commands into the 'username' parameter of a POST request to '/loadfile.lp'. The payload is executed in the context of the vulnerable application.

Description

Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Command Injection. This issue affects PM43 versions prior to P10.19.050004. Update the respective printers to the latest available firmware version, MR19.5 (e.g. P10.19.050006).

Exploits (2)

exploitdb WORKING POC
by ByteHunter · python · remote · hardware
https://www.exploit-db.com/exploits/51885

This exploit leverages a command injection vulnerability in Honeywell PM43 printers by injecting commands into the 'username' parameter of a POST request to '/loadfile.lp'. The payload is executed in the context of the vulnerable application.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Honeywell PM43 Printers < P10.19.050004
No auth needed
Prerequisites: Network access to the target device · Target device running vulnerable firmware
devstral-2 · analyzed Feb 16, 2026

github WORKING POC
by dyeat · python · poc
https://github.com/dyeat/cve-reproduction/tree/main/Honeywell/PM43/CVE-2023-3710

The repository contains a functional exploit for CVE-2023-3710, targeting Honeywell PM43 devices. The exploit leverages command injection via the 'username' parameter in a POST request to '/loadfile.lp?pageid=Configure', allowing remote code execution (RCE).

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Honeywell PM43
No auth needed
Prerequisites: Network access to the target device · Target device must be running vulnerable Honeywell PM43 firmware
devstral-2 · analyzed May 22, 2026

Nuclei Templates (1)

Honeywell PM43 Printers - Command Injection
CRITICAL · VERIFIED · by win3zz
Shodan: http.html:"/main/login.lua?pageid="
FOFA: body="/main/login.lua?pageid="

Scores

CVSS v3 9.9
EPSS 0.9170
EPSS Percentile 99.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

VulnCheck KEV 2024-02-06
CWE
CWE-20 CWE-77
Status published
Products (1)
honeywell/pm43_firmware < p10.19.050004
Published Sep 12, 2023
Tracked Since Feb 18, 2026