Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:11 a.m.11 views

CVE-2023-43208

NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679...

9.8CVSS7.9AI score0.96129EPSS
Exploits22References1
GithubExploit
GithubExploit
added 2024/03/17 8:44 a.m.266 views

Exploit for Deserialization of Untrusted Data in Nextgen Mirth_Connect

RCE vulnerability in Mirth Connect CVE-2023-37679 and CVE-202...

9.8CVSS9.7AI score0.96129EPSS
Exploits22
0day.today
0day.today
added 2024/01/31 12:0 a.m.538 views

Mirth Connect 4.4.0 Remote Command Execution Exploit

A vulnerability exists within Mirth Connect due to its mishandling of deserialized data. This vulnerability can be leveraged by an attacker using a crafted HTTP request to execute OS commands within the context of the target application. The original vulnerability was identified by IHTeam and...

9.8CVSS7.3AI score0.96129EPSS
Exploits22
Packet Storm
Packet Storm
added 2024/01/31 12:0 a.m.544 views

Mirth Connect 4.4.0 Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Mirth Connect Deserialization RCE', 'Description' = %q A vulnerability exists within Mirth Connect due to its mishandling of deserialized data...

9.8CVSS7.4AI score0.96129EPSS
Exploits22
Metasploit
Metasploit
added 2024/01/30 7:51 p.m.589 views

Mirth Connect Deserialization RCE

A vulnerability exists within Mirth Connect due to its mishandling of deserialized data. This vulnerability can be leveraged by an attacker using a crafted HTTP request to execute OS commands within the context of the target application. The original vulnerability was identified by IHTeam and...

9.8CVSS9.5AI score0.96129EPSS
Exploits22
Tenable Nessus
Tenable Nessus
added 2023/10/27 12:0 a.m.64 views

NextGen Mirth Connect < 4.4.0 RCE (CVE-2023-37679)

According to its self-reported version, the instance of NextGen Mirth Connect running on the remote web server is 4.4.0. It is, therefore, affected by a remote code execution vulnerability that could allow a remote attacker to bypass authentication and execute arbitrary commands. Note that Nessus...

9.8CVSS9.7AI score0.96129EPSS
Exploits12References2
Circl
Circl
added 2023/10/26 8:16 p.m.18 views

CVE-2023-37679

creationtimestamp| type| source ---|---|--- 2023-10-26 20:16:00+00:00| seen| https://t.me/cibsecurity/72981 2023-12-11 01:22:38+00:00| seen| https://t.me/arpsyndicate/1685 2024-01-30 16:05:09+00:00| seen|...

9.8CVSS7.1AI score0.96129EPSS
In wildExploits12References7
Prion
Prion
added 2023/10/26 5:15 p.m.46 views

Remote code execution

NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679...

7.5CVSS9.8AI score0.96129EPSS
Exploits22References2Affected Software1
OSV
OSV
added 2023/10/26 12:0 a.m.33 views

CVE-2023-43208

NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679...

9.8CVSS8.1AI score0.82708EPSS
Exploits21References5
ATTACKERKB
ATTACKERKB
added 2023/10/26 12:0 a.m.45 views

CVE-2023-43208

NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679. Recent assessments: ccondon-r7 at January 27, 2024 7:41pm UTC reported: Knocking down attacker value a bi...

9.8CVSS9.8AI score0.96129EPSS
In wildExploits22References3
Cvelist
Cvelist
added 2023/10/26 12:0 a.m.34 views

CVE-2023-43208

NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679...

10AI score0.82708EPSS
Exploits21References2
ATTACKERKB
ATTACKERKB
added 2023/08/03 3:15 a.m.7 views

CVE-2023-37679

A remote command execution RCE vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server...

9.8CVSS8.1AI score0.96129EPSS
Exploits12References7
OSV
OSV
added 2023/08/03 12:0 a.m.34 views

CVE-2023-37679

A remote command execution RCE vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server...

9.8CVSS8.2AI score0.96129EPSS
Exploits12References6
CVE
CVE
added 2023/08/03 12:0 a.m.215 views

CVE-2023-37679

CVE-2023-37679 / CVE-2023-43208 (NextGen HealthCare Mirth Connect) : Open-source data integration platform vulnerable to unauthenticated remote code execution due to improper/deserialization handling. Affects Mirth Connect versions prior to 4.4.1 (PoCs and advisories reference vulnerable ranges i...

9.8CVSS9.7AI score0.96129EPSS
In wildExploits12References2Affected Software1
Rows per page
Query Builder