cve/2023/CVE-2023-37679.md

CVE-2023-37679

Description

A remote command execution (RCE) vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server.

POC

Reference

• http://packetstormsecurity.com/files/176920/Mirth-Connect-4.4.0-Remote-Command-Execution.html
• https://www.ihteam.net/advisory/mirth-connect

Github

• https://github.com/K3ysTr0K3R/CVE-2023-43208-EXPLOIT
• https://github.com/jakabakos/CVE-2023-43208-mirth-connect-rce-poc
• https://github.com/nomi-sec/PoC-in-GitHub