CVE-2023-43208
CRITICAL | KEV | RANSOMWARE | NUCLEI
NextGen Healthcare Mirth Connect <4.4.1 - RCE
Title source: llm
Exploitation Summary
CVE-2023-43208 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added May 20, 2024, with confirmed use in ransomware campaigns. EIP tracks 15 public exploits from researchers including K3ysTr0K3R, jakabakos, Avento. A Nuclei detection template is also available.
AI-analyzed exploit summary
This repository contains a functional exploit for CVE-2023-43208, targeting Mirth Connect versions below 4.4.1. The exploit leverages deserialization via a crafted XML payload to achieve remote code execution (RCE) by chaining Apache Commons Collections transformers.
Description
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability results from an incomplete patch for CVE-2023-37679.
Exploits (15)
This repository contains a functional exploit for CVE-2023-43208, targeting Mirth Connect versions below 4.4.1. The exploit leverages deserialization via a crafted XML payload to achieve remote code execution (RCE) by chaining Apache Commons Collections transformers.
The repository contains functional exploit code for CVE-2023-43208, a pre-authentication RCE vulnerability in Nextgen's Mirth Connect. The exploit leverages deserialization via a crafted XML payload to execute arbitrary commands on the target system.
This repository contains a functional exploit PoC for CVE-2023-43208, leveraging Java deserialization via a crafted XML payload to trigger DNS lookups to an attacker-controlled domain (oast.fun). The payload uses Apache Commons Collections and Commons Lang to construct a gadget chain that invokes `java.net.InetAddress.getAllByName`.
This repository contains a functional exploit for CVE-2023-43208, an unauthenticated RCE vulnerability in Mirth Connect < 4.4.1. The exploit leverages a deserialization flaw via a crafted XML payload to execute arbitrary commands, including reverse shells.
This repository contains a functional Python exploit for CVE-2023-43208, targeting Mirth Connect versions below 4.4.1. The exploit leverages deserialization via a crafted XML payload to achieve remote code execution (RCE).
This repository contains a functional exploit for CVE-2023-43208, a pre-authenticated remote code execution vulnerability in NextGen Healthcare Mirth Connect < 4.4.1. The exploit leverages an XStream deserialization bypass using Apache Commons Lang3 and Commons Collections4 gadgets to achieve command execution.
This is a detailed technical writeup for CVE-2023-43208, covering the exploitation of an unauthenticated Java deserialization vulnerability in Mirth Connect 4.4.0, followed by privilege escalation via an unvalidated `eval()` call in a Python service. The writeup includes specific technical details such as API endpoints, payload construction, and post-exploitation steps.
This repository contains a functional exploit for CVE-2023-43208, targeting a deserialization vulnerability in Mirth Connect. The exploit constructs a malicious XML payload using Apache Commons Collections gadgets to achieve remote code execution via a reverse shell.
This repository contains a functional Python exploit for CVE-2023-43208, targeting Mirth Connect via a pre-authentication deserialization vulnerability. The exploit constructs a malicious XML payload using XStream gadget chains to achieve remote code execution (RCE) on the target system.
This repository contains a functional exploit for CVE-2023-43208, targeting Mirth Connect versions below 4.4.1. The exploit automates dependency installation, detects vulnerable instances, and establishes a reverse shell via a crafted XML payload.
This repository contains a functional exploit for CVE-2023-43208, leveraging a deserialization vulnerability in Mirth Connect's XStream engine to achieve unauthenticated remote code execution. The exploit constructs a malicious payload using Apache Commons Collections gadgets to execute a reverse shell.
This repository contains a functional exploit for CVE-2023-43208, targeting Nextgen's Mirth Connect. The exploit leverages deserialization of malicious XML payloads to achieve pre-authentication remote code execution (RCE) via a crafted HTTP request to the `/api/users` endpoint.
This repository contains a functional exploit for CVE-2023-43208, targeting Mirth Connect with a deserialization attack leading to RCE. The PoC includes version detection, payload generation, and interactive user input for target configuration.
This repository contains a functional exploit for CVE-2023-43208, targeting Mirth Connect <= 4.4.0 via XStream deserialization. The exploit constructs a malicious payload to achieve remote code execution (RCE) by leveraging a deserialization vulnerability in the application.
The repository contains a bash script that scans for Mirth Connect instances vulnerable to CVE-2023-43208 by checking for specific HTTP response headers. It does not include exploit code but identifies potentially vulnerable targets.
Nuclei Templates (1)
title:"mirth connect administrator" || http.title:"mirth connect administrator"
title="mirth connect administrator"
References (3)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H