Active exploitation of Cleo file transfer software CVE-2024-50623 allows unverified remote code execution.
Reporter | Title | Published | Views | Family All 23 |
---|---|---|---|---|
AttackerKB | CVE-2024-55956 | 13 Dec 202400:00 | – | attackerkb |
AttackerKB | CVE-2024-50623 | 28 Oct 202400:00 | – | attackerkb |
Metasploit | Cleo LexiCom, VLTrader, and Harmony Unauthenticated Remote Code Execution | 6 Jan 202509:26 | – | metasploit |
Rapid7 Blog | Metasploit Wrap-Up 01/17/2025 | 17 Jan 202519:22 | – | rapid7blog |
Rapid7 Blog | Modular Java Backdoor Dropped in Cleo Exploitation Campaign | 11 Dec 202418:44 | – | rapid7blog |
Rapid7 Blog | What’s New in Rapid7 Products & Services: Q4 2024 in Review | 18 Dec 202414:00 | – | rapid7blog |
Imperva Blog | Imperva Protects Against the Exploited CVEs in the Cleo Data Theft Attacks | 21 Jan 202521:01 | – | impervablog |
CISA KEV Catalog | Cleo Multiple Products Unauthenticated File Upload Vulnerability | 17 Dec 202400:00 | – | cisa_kev |
CISA KEV Catalog | Cleo Multiple Products Unrestricted File Upload Vulnerability | 13 Dec 202400:00 | – | cisa_kev |
Nuclei | Cleo Harmony < 5.8.0.24 - File Upload Vulnerability | 18 Dec 202413:39 | – | nuclei |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo