Mirth Connect deserialization vulnerability
Added: 05/23/2024

Background
Mirth Connect is an application which translates message standards for healthcare systems.

Problem
A deserialization vulnerability in Mirth Connect allows remote attackers to execute arbitrary commands by sending a specially crafted API request.

Resolution
Upgrade to Mirth Connect 4.4.1 or higher.

References
https://www.horizon3.ai/attack-research/attack-blogs/nextgen-mirth-connect-remote-code-execution-vulnerability-cve-2023-43208/

Limitations
Exploit works on Linux systems.

Platforms
Linux