Unrated severityCISA KEVNVD Advisory· Published Oct 27, 2024· Updated Oct 21, 2025
CVE-2024-50623
CVE-2024-50623
Description
In Cleo Harmony before 5.8.0.21, VLTrader before 5.8.0.21, and LexiCom before 5.8.0.21, there is an unrestricted file upload and download that could lead to remote code execution.
Affected products
4- Cleo/Harmonydescription
Patches
Vulnerability mechanics
References
1News mentions
1- Risky Business #774 -- Cleo file transfer appliances under widespread attackRisky Business · Dec 11, 2024