Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-37679

Published: 03/08/2023 Updated: 31/01/2024
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Mirth Connect

Vulnerability Summary

A remote command execution (RCE) vulnerability in NextGen Mirth Connect v4.3.0 allows malicious users to execute arbitrary commands on the hosting server.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

nextgen mirth connect 4.3.0

Vendor Advisories

Check Point Security Alerts: NextGen Mirth Connect Command Injection (CVE-2023-37679)
Check Point Reference: CPAI-2023-1451 Date Published: 15 Jan 2024 Severity: Critical ...

Exploits

Exploit DB: Mirth Connect 4.4.0 Remote Command Execution
A vulnerability exists within Mirth Connect due to its mishandling of deserialized data This vulnerability can be leveraged by an attacker using a crafted HTTP request to execute OS commands within the context of the target application The original vulnerability was identified by IHTeam and assigned CVE-2023-37679 Later, researchers from Horizon ...
Exploit DB: Mirth Connect Deserialization RCE
A vulnerability exists within Mirth Connect due to its mishandling of deserialized data This vulnerability can be leveraged by an attacker using a crafted HTTP request to execute OS commands within the context of the target application The original vulnerability was identified by IHTeam and assigned CVE-2023-37679 Later, ...

Metasploit Modules

Mirth Connect Deserialization RCE

A vulnerability exists within Mirth Connect due to its mishandling of deserialized data. This vulnerability can be leveraged by an attacker using a crafted HTTP request to execute OS commands within the context of the target application. The original vulnerability was identified by IHTeam and assigned CVE-2023-37679. Later, researchers from Horizon3.ai determined the patch to be incomplete and published a gadget chain which bypassed the deny list that the original had implemented. This second vulnerability was assigned CVE-2023-43208 and was patched in Mirth Connect version 4.4.1. This module has been tested on versions 4.1.1, 4.3.0 and 4.4.0.

msf > use exploit/multi/http/mirth_connect_cve_2023_43208
msf exploit(mirth_connect_cve_2023_43208) > show targets
    ...targets...
msf exploit(mirth_connect_cve_2023_43208) > set TARGET < target-id >
msf exploit(mirth_connect_cve_2023_43208) > show options
    ...show and set options...
msf exploit(mirth_connect_cve_2023_43208) > exploit

References

CWE-77http://nextgen.comhttps://www.ihteam.net/advisory/mirth-connecthttp://mirth.comhttp://packetstormsecurity.com/files/176920/Mirth-Connect-4.4.0-Remote-Command-Execution.htmlhttps://nvd.nist.govhttps://packetstormsecurity.com/files/176920/Mirth-Connect-4.4.0-Remote-Command-Execution.htmlhttps://www.rapid7.com/db/modules/exploit/multi/http/mirth_connect_cve_2023_43208/https://advisories.checkpoint.com/defense/advisories/public/2024/cpai-2023-1451.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30051remoteCVE-2024-27954CVE-2023-51483CVE-2023-47782SSRFCVE-2024-24715CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook