[SECURITY] Possible 0-Day Path Traversal Vulnerability in Mirth Connect Administrator #6210
Labels
Comments
|
What do you mean? There is:
Are you saying the Mirth Connect Server Process has this problem? Also, is your tool finding: https://packetstormsecurity.com/files/176920/Mirth-Connect-4.4.0-Remote-Command-Execution.html? An already known and patched CVE in mirth 4.5? If this is some other finding, I am sure the Nextgen team would like to know the specifics (I don't work for Nextgen) and would appreciate you directly reaching out to them. |
|
@ifconfig-me |
pladesma
added
triaged
Internal-Issue-Created
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the security issue
A path traversal vulnerability exists in Mirth Connect Administrator that allows an attacker to access arbitrary files on the server. By manipulating the URL, specifically using a sequence of specially crafted semi-encoded payloads attacker can access to sensitive files outside the web root directory.
Vulnerability Location
This vulnerability is in the Mirth Connect codebase itself.
Environment (please complete the following information if it is applicable to the issue)
Suggested remediation
Sanitize and validate all input URLs to prevent path traversal sequences. Ensure that the URL paths are resolved within the intended directory structure. Additionally, implementing a security mechanism to disallow URL-encoded traversal characters can mitigate this issue.
Additional context
This vulnerability was discovered during a routine security audit. Exploiting this path traversal vulnerability can lead to unauthorized access to sensitive files on the server, potentially exposing critical system and user data.
The text was updated successfully, but these errors were encountered: