THREATOPS
THREAT OPSCVEs › CVE-2024-50623

CVE-2024-50623 — Cleo Multiple Products Unrestricted File Upload Vulnerability

CISA KEVExploited: confirmedCleo

Cleo Harmony, VLTrader, and LexiCom, which are managed file transfer products, contain an unrestricted file upload and download vulnerability that can lead to remote code execution with elevated privileges.

Vulnerability details

Related reporting