CVE-2023-30367

Name: CVE-2023-30367
Creator: NVD / NIST
Published: 2023-07-26T21:15:09.98+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 7.5/10EPSS 0.43%

Last modified Jun 17, 2026

CVE-2023-30367 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. Multi-Remote Next Generation Connection Manager (mRemoteNG) is free software that enables users to store and manage multi-protocol connection configurations to remotely connect to systems. mRemoteNG configuration files can be stored in an encrypted state on disk. EPSS estimates a 0.43% chance of exploitation in the next 30 days.

Description

Multi-Remote Next Generation Connection Manager (mRemoteNG) is free software that enables users to store and manage multi-protocol connection configurations to remotely connect to systems. mRemoteNG configuration files can be stored in an encrypted state on disk. mRemoteNG version <= v1.76.20 and <= 1.77.3-dev loads configuration files in plain text into memory (after decrypting them if necessary) at application start-up, even if no connection has been established yet. This allows attackers to access contents of configuration files in plain text through a memory dump and thus compromise user credentials when no custom password encryption key has been set. This also bypasses the connection configuration file encryption setting by dumping already decrypted configurations from memory.

Metrics

CVSS 3.1

7.5/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Probability

0.43%

34.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-312

Affected Software

Vendor	Product	Versions
Mremoteng	Mremoteng	<= 1.76.20
Mremoteng	Mremoteng	1.77.2-nb
Mremoteng	Mremoteng	1.77.3-nb

References

http://packetstormsecurity.com/files/173829/mRemoteNG-1.77.3.1784-NB-Sensitive-Information-Extraction.htmlExploit, Third Party Advisory, VDB Entry
https://github.com/S1lkys/CVE-2023-30367-mRemoteNG-password-dumperThird Party Advisory
https://github.com/mRemoteNG/mRemoteNG/issues/2420Issue Tracking
https://www.secuvera.de/advisories/secuvera-SA-2023-01.txtThird Party Advisory
http://packetstormsecurity.com/files/173829/mRemoteNG-1.77.3.1784-NB-Sensitive-Information-Extraction.htmlExploit, Third Party Advisory, VDB Entry
https://github.com/S1lkys/CVE-2023-30367-mRemoteNG-password-dumperThird Party Advisory
https://github.com/mRemoteNG/mRemoteNG/issues/2420Issue Tracking
https://www.secuvera.de/advisories/secuvera-SA-2023-01.txtThird Party Advisory

Timeline

Published: Jul 26, 2023
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2023-30367?

How severe is CVE-2023-30367?

CVE-2023-30367 has a CVSS score of 7.5/10 (HIGH severity). The EPSS model estimates a 0.43% probability of exploitation in the next 30 days.

How do I fix CVE-2023-30367?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2023-30367?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST