Lessening the Pain of Mirth Connect CVE-2023-43208
Вставка
- Опубліковано 21 тра 2024
- In this video we show how one can go about attacking Mirth Connect from vulnerabilities such as CVE-2023-43208. We show the exact same type of POCs don't work on Nanos and prevents certain types of payloads.
Note: While one can't utilize runtime.Exec and InvokerTransformer in this manner this doesn't completely eliminate this particular attack - what it does is force the attacker's payload to be more involved and does prevent certain types of payloads one might want to run.
To learn more check out nanos.org. - Навчання та стиль