Categories
Advisories

Mirth Connect <= 4.3.0 Unauth RCE

TL;DR IHTeam undertook an independent security assessment of NextGen’s Mirth Connect version <= 4.3.0 and identified the following vulnerability: What’s Mirth Connect Mirth Connect (https://github.com/nextgenhealthcare/connect) is an opensource healthcare data integration system, that enables the management of information using bi-directional sending of many types of messages. The primary use of this interface engine is in […]

Categories
Advisories

OnionShare 2.3 >= 2.3.3 Vulnerabilities

TL;DR IHTeam undertook an independent security assessment of OnionShare CLI v2.3.3 and identified the following vulnerabilities: Unauthenticated File Upload (when using –receive in non-public mode) AKA CVE-2021-41868 Disclosure of Chat Participants to Unauthenticated Users (when using –chat option in non-public mode) AKA CVE-2021-41867 What is OnionShare? OnionShare is an open source tool that lets you […]