.. / CVE-2023-37679

Exploit for NextGen Mirth Connect - Remote Code Execution (CVE-2023-37679)

Description:

Mirth Connect, by NextGen HealthCare, is an open source data integration platform widely used by healthcare companies. Versions prior to 4.4.1 are vulnerable to an unauthenticated remote code execution vulnerability

Nuclei Template

View the template here CVE-2023-37679.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-37679.yaml
Copy

References:

http://packetstormsecurity.com/files/176920/Mirth-Connect-4.4.0-Remote-Command-Execution.html
http://mirth.com
https://www.horizon3.ai/nextgen-mirth-connect-remote-code-execution-vulnerability-cve-2023-43208/
https://nvd.nist.gov/vuln/detail/CVE-2023-37679
http://nextgen.com