CVE-2023-37679
CRITICAL EXPLOITED RANSOMWARE NUCLEIMirth Connect Deserialization RCE
Title source: metasploitDescription
A remote command execution (RCE) vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server.
Exploits (2)
github
WORKING POC
5 stars
by jakabakos · pythonpoc
https://github.com/jakabakos/CVE-2023-43208-mirth-connect-rce-poc/tree/master/CVE-2023-37679.py
metasploit
WORKING POC
EXCELLENT
by r00t, Naveen Sunkavally, Spencer McIntyre · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/mirth_connect_cve_2023_43208.rb
Nuclei Templates (1)
NextGen Mirth Connect - Remote Code Execution
CRITICALVERIFIEDby iamnoooob,rootxharsh,pdresearch
Shodan:
title:"mirth connect administrator" || http.title:"mirth connect administrator"
FOFA:
title="mirth connect administrator"
Scores
CVSS v3
9.8
EPSS
0.9377
EPSS Percentile
99.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
VulnCheck KEV
2024-04-19
Ransomware Use
Confirmed
CWE
CWE-77
Status
published
Products (1)
nextgen/mirth_connect
4.3.0
Published
Aug 03, 2023
Tracked Since
Feb 18, 2026