7.5
CVSSv3

CVE-2023-30367

Published: 26/07/2023 Updated: 21/11/2024

Vulnerability Summary

Multi-Remote Next Generation Connection Manager (mRemoteNG) is free software that enables users to store and manage multi-protocol connection configurations to remotely connect to systems. mRemoteNG configuration files can be stored in an encrypted state on disk. mRemoteNG version <= v1.76.20 and <= 1.77.3-dev loads configuration files in plain text into memory (after decrypting them if necessary) at application start-up, even if no connection has been established yet. This allows malicious users to access contents of configuration files in plain text through a memory dump and thus compromise user credentials when no custom password encryption key has been set. This also bypasses the connection configuration file encryption setting by dumping already decrypted configurations from memory.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mremoteng mremoteng

mremoteng mremoteng 1.77.2-nb

mremoteng mremoteng 1.77.3-nb

Exploits

mRemoteNG version 17731784-NB exploit that extracts sensitive information that is stored in memory in the clear but encrypted at rest ...

Github Repositories

Original PoC for CVE-2023-30367

mRemoteNG &lt;= v17731784-NB Password Dumper (CVE-2023-30367) Multi-Remote Next Generation Connection Manager (mRemoteNG) is free software that enables users to store and manage multi-protocol connection configurations to remotely connect to systems mRemoteNG configuration files can be stored in an encrypted state on disk mRemoteNG version &lt;= v17620 and &l