CVE-2024-50623CISA KEV: Actively Exploited

Cleo Multiple Products Unrestricted File Upload Vulnerability

Published Dec 13, 2024·Updated Dec 13, 2024

Description

Cleo Harmony, VLTrader, and LexiCom, which are managed file transfer products, contain an unrestricted file upload and download vulnerability that can lead to remote code execution with elevated privileges.

Public Exploits & PoCs3 found

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free