automatic module_metadata_base.json update

Author: msjenkins-r7

db/modules_metadata_base.json

@@ -101874,6 +101874,71 @@
     "session_types": false,
     "needs_cleanup": null
   },
+  "exploit_multi/http/mirth_connect_cve_2023_43208": {
+    "name": "Mirth Connect Deserialization RCE",
+    "fullname": "exploit/multi/http/mirth_connect_cve_2023_43208",
+    "aliases": [
+
+    ],
+    "rank": 600,
+    "disclosure_date": "2023-10-25",
+    "type": "exploit",
+    "author": [
+      "r00t",
+      "Naveen Sunkavally",
+      "Spencer McIntyre"
+    ],
+    "description": "A vulnerability exists within Mirth Connect due to its mishandling of deserialized data. This vulnerability\n          can be leveraged by an attacker using a crafted HTTP request to execute OS commands within the context of the\n          target application. The original vulnerability was identified by IHTeam and assigned CVE-2023-37679. Later,\n          researchers from Horizon3.ai determined the patch to be incomplete and published a gadget chain which bypassed\n          the deny list that the original had implemented. This second vulnerability was assigned CVE-2023-43208 and was\n          patched in Mirth Connect version 4.4.1. This module has been tested on versions 4.1.1, 4.3.0 and 4.4.0.",
+    "references": [
+      "CVE-2023-37679",
+      "URL-https://www.ihteam.net/advisory/mirth-connect/",
+      "CVE-2023-43208",
+      "URL-https://www.horizon3.ai/nextgen-mirth-connect-remote-code-execution-vulnerability-cve-2023-43208/",
+      "URL-https://www.horizon3.ai/writeup-for-cve-2023-43208-nextgen-mirth-connect-pre-auth-rce/"
+    ],
+    "platform": "Linux,Unix,Windows",
+    "arch": "cmd",
+    "rport": 8443,
+    "autofilter_ports": [
+      80,
+      8080,
+      443,
+      8000,
+      8888,
+      8880,
+      8008,
+      3000,
+      8443
+    ],
+    "autofilter_services": [
+      "http",
+      "https"
+    ],
+    "targets": [
+      "Unix Command",
+      "Windows Command"
+    ],
+    "mod_time": "2024-01-29 13:52:49 +0000",
+    "path": "/modules/exploits/multi/http/mirth_connect_cve_2023_43208.rb",
+    "is_install_path": true,
+    "ref_name": "multi/http/mirth_connect_cve_2023_43208",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "Reliability": [
+        "repeatable-session"
+      ],
+      "SideEffects": [
+        "ioc-in-logs"
+      ]
+    },
+    "session_types": false,
+    "needs_cleanup": null
+  },
   "exploit_multi/http/mma_backdoor_upload": {
     "name": "Th3 MMA mma.php Backdoor Arbitrary File Upload",
     "fullname": "exploit/multi/http/mma_backdoor_upload",