In this video we show how one can go about attacking Mirth Connect through vulnerabilities such as CVE-2023-43208. We show that the exact same type of PoCs don't work on Nanos, which prevents certain types of payloads.
Note: While one can't utilize runtime.Exec and InvokerTransformer in this manner, this doesn't completely eliminate this particular attack. What it does is force the attacker's payload to be more involved, and it does prevent certain types of payloads one might want to run.
To learn more check out nanos.org.
21 May 2024