Lucene search
+L

14 matches found

redhatcve
redhatcve
added 2025/05/23 2:11 a.m.11 views

CVE-2023-43208

NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679...

9.8CVSS7.9AI score0.96129EPSS
Exploits22References1
githubexploit
githubexploit
added 2024/03/17 8:44 a.m.267 views

Exploit for Deserialization of Untrusted Data in Nextgen Mirth_Connect

RCE vulnerability in Mirth Connect CVE-2023-37679 and CVE-202...

9.8CVSS9.7AI score0.96129EPSS
Exploits22
packetstorm
packetstorm
added 2024/01/31 12:0 a.m.547 views

Mirth Connect 4.4.0 Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Mirth Connect Deserialization RCE', 'Description' = %q A vulnerability exists within Mirth Connect due to its mishandling of deserialized data...

9.8CVSS7.4AI score0.96129EPSS
Exploits22
zdt
zdt
added 2024/01/31 12:0 a.m.539 views

Mirth Connect 4.4.0 Remote Command Execution Exploit

A vulnerability exists within Mirth Connect due to its mishandling of deserialized data. This vulnerability can be leveraged by an attacker using a crafted HTTP request to execute OS commands within the context of the target application. The original vulnerability was identified by IHTeam and...

9.8CVSS7.3AI score0.96129EPSS
Exploits22
metasploit
metasploit
added 2024/01/30 7:51 p.m.590 views

Mirth Connect Deserialization RCE

A vulnerability exists within Mirth Connect due to its mishandling of deserialized data. This vulnerability can be leveraged by an attacker using a crafted HTTP request to execute OS commands within the context of the target application. The original vulnerability was identified by IHTeam and...

9.8CVSS9.5AI score0.96129EPSS
Exploits22
nessus
nessus
added 2023/10/27 12:0 a.m.64 views

NextGen Mirth Connect < 4.4.0 RCE (CVE-2023-37679)

According to its self-reported version, the instance of NextGen Mirth Connect running on the remote web server is 4.4.0. It is, therefore, affected by a remote code execution vulnerability that could allow a remote attacker to bypass authentication and execute arbitrary commands. Note that Nessus...

9.8CVSS9.7AI score0.96129EPSS
Exploits12References2
circl
circl
added 2023/10/26 8:16 p.m.18 views

CVE-2023-37679

creationtimestamp| type| source ---|---|--- 2023-10-26 20:16:00+00:00| seen| https://t.me/cibsecurity/72981 2023-12-11 01:22:38+00:00| seen| https://t.me/arpsyndicate/1685 2024-01-30 16:05:09+00:00| seen|...

9.8CVSS7.1AI score0.96129EPSS
In wildExploits12References7
prion
prion
added 2023/10/26 5:15 p.m.46 views

Remote code execution

NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679...

7.5CVSS9.8AI score0.96129EPSS
Exploits22References2Affected Software1
attackerkb
attackerkb
added 2023/10/26 12:0 a.m.45 views

CVE-2023-43208

NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679. Recent assessments: ccondon-r7 at January 27, 2024 7:41pm UTC reported: Knocking down attacker value a bi...

9.8CVSS9.8AI score0.96129EPSS
In wildExploits22References3
osv
osv
added 2023/10/26 12:0 a.m.35 views

CVE-2023-43208

NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679...

9.8CVSS8.1AI score0.82708EPSS
Exploits21References5
cvelist
cvelist
added 2023/10/26 12:0 a.m.35 views

CVE-2023-43208

NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679...

10AI score0.82708EPSS
Exploits21References2
attackerkb
attackerkb
added 2023/08/03 3:15 a.m.9 views

CVE-2023-37679

A remote command execution RCE vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server...

9.8CVSS8.1AI score0.96129EPSS
Exploits12References7
osv
osv
added 2023/08/03 12:0 a.m.34 views

CVE-2023-37679

A remote command execution RCE vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server...

9.8CVSS8.2AI score0.96129EPSS
Exploits12References4
cve
cve
added 2023/08/03 12:0 a.m.215 views

CVE-2023-37679

CVE-2023-37679 / CVE-2023-43208 (NextGen HealthCare Mirth Connect) : Open-source data integration platform vulnerable to unauthenticated remote code execution due to improper/deserialization handling. Affects Mirth Connect versions prior to 4.4.1 (PoCs and advisories reference vulnerable ranges i...

9.8CVSS9.7AI score0.96129EPSS
In wildExploits12References2Affected Software1
Rows per page
Query Builder