CVE-2023-43208CISA KEV: Actively Exploited

NextGen Healthcare Mirth Connect Deserialization of Untrusted Data Vulnerability

Published May 20, 2024·Updated May 20, 2024

Description

NextGen Healthcare Mirth Connect contains a deserialization of untrusted data vulnerability that allows for unauthenticated remote code execution via a specially crafted request.

Public Exploits & PoCs13 found

PoC: CVE-2023-43208_Detection_PoC

Use java.net.InetAddress for detection

2

PoC: CVE-2023-43208-EXPLOIT

A PoC exploit for CVE-2023-43208 - Mirth Connect Remote Code Execution (RCE)

2

PoC: CVE-2023-43208-PoC

Proof‑of‑concept Python script demonstrating CVE‑2023‑43208 in Mirth Connect, allowing version checks and command execution on vulnerable instances.

1

PoC: CVE-2023-43208

PoC for CVE-2023-43208 RCE exploitation.

1

PoC: CVE-2023-43208

CVE-2023-43208: Mirth Connect Pre-Auth RCE PoC

1

PoC: Interpreter-HackTheBox

Writeup for Interpreter — HackTheBox Medium Linux box. CVE-2023-43208 Mirth Connect RCE, PBKDF2 hash cracking, Python eval() injection for root.

PoC: CVE-2023-43208-PoC

Explota vulnerabilidad

PoC: CVE-2023-43208

A PoC exploit for CVE-2023-43208 - Mirth Connect Remote Code Execution (RCE)

PoC: Mirth-Connect-CVE-2023-43208

Proof of Concept (PoC) exploit for CVE-2023-43208, demonstrating unauthenticated remote code execution in vulnerable versions of NextGen Mirth Connect via insecure XStream deserialization.

PoC: CVE-2023-43208

mirth-connect-rce-poc

PoC: Mirth-Connect-CVE-2023-43208

Unauthenticated RCE exploit for NextGen Mirth Connect (CVE-2023-43208) via XStream deserialization.

PoC: PoC-2023-43208

A proof-of-concept exploit for CVE-2023-43208, a remote code execution vulnerability in Mirth Connect before version 4.4.1.

PoC: CVE-2023-43208

PoC for Mirth Connect Remote Code Execution (RCE)

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free