Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-30367

Published: 26/07/2023 Updated: 04/08/2023
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Mremoteng

Vulnerability Summary

Multi-Remote Next Generation Connection Manager (mRemoteNG) is free software that enables users to store and manage multi-protocol connection configurations to remotely connect to systems. mRemoteNG configuration files can be stored in an encrypted state on disk. mRemoteNG version <= v1.76.20 and <= 1.77.3-dev loads configuration files in plain text into memory (after decrypting them if necessary) at application start-up, even if no connection has been established yet. This allows malicious users to access contents of configuration files in plain text through a memory dump and thus compromise user credentials when no custom password encryption key has been set. This also bypasses the connection configuration file encryption setting by dumping already decrypted configurations from memory.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mremoteng mremoteng 1.77.3-nb

mremoteng mremoteng 1.77.2-nb

mremoteng mremoteng

Exploits

Exploit DB: mRemoteNG 1.77.3.1784-NB Sensitive Information Extraction
mRemoteNG version 17731784-NB exploit that extracts sensitive information that is stored in memory in the clear but encrypted at rest ...

Github Repositories

https://github.com/S1lkys/CVE-2023-30367-mRemoteNG-password-dumper

Original PoC for CVE-2023-30367

mRemoteNG &lt;= v17731784-NB Password Dumper (CVE-2023-30367) Multi-Remote Next Generation Connection Manager (mRemoteNG) is free software that enables users to store and manage multi-protocol connection configurations to remotely connect to systems mRemoteNG configuration files can be stored in an encrypted state on disk mRemoteNG version &lt;= v17620 and &l

References

CWE-312https://github.com/mRemoteNG/mRemoteNG/issues/2420https://github.com/S1lkys/CVE-2023-30367-mRemoteNG-password-dumperhttps://www.secuvera.de/advisories/secuvera-SA-2023-01.txthttp://packetstormsecurity.com/files/173829/mRemoteNG-1.77.3.1784-NB-Sensitive-Information-Extraction.htmlhttps://nvd.nist.govhttps://github.com/S1lkys/CVE-2023-30367-mRemoteNG-password-dumperhttps://packetstormsecurity.com/files/173829/mRemoteNG-1.77.3.1784-NB-Sensitive-Information-Extraction.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-3400deserializationCVE-2024-21788CVE-2023-42433CVE-2024-21841CVE-2024-22095local file inclusionmemory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook