Vulnerability CVE-2023-43208


Published: 2023-10-26

Description:
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. This is a bypass of the patch put in for CVE-2023-37679.

See advisories in our WLB2 database:
Topic
Author
Date
High
Mirth Connect 4.4.0 Remote Command Execution
r00t
01.02.2024

Type:

CWE-78

(Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') )

 References:
https://www.horizon3.ai/nextgen-mirth-connect-remote-code-execution-vulnerability-cve-2023-43208/

Copyright 2024, cxsecurity.com

 

Back to Top