Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:41 a.m.18 views

CVE-2024-55956

In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an unauthenticated user can import and execute arbitrary Bash or PowerShell commands on the host system by leveraging the default settings of the Autorun directory...

9.8CVSS10AI score0.93804EPSS
Exploits4References1
GithubExploit
GithubExploit
added 2024/12/23 8:52 a.m.657 views

Exploit for Unrestricted Upload of File with Dangerous Type in Cleo Harmony

POC - CVE-2024-50623- Cleo Unrestricted file upload and downlo...

9.8CVSS9.9AI score0.98529EPSS
Exploits6
Vulnrichment
Vulnrichment
added 2024/12/13 12:0 a.m.12 views

CVE-2024-55956

In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an unauthenticated user can import and execute arbitrary Bash or PowerShell commands on the host system by leveraging the default settings of the Autorun directory...

7.8AI score0.93804EPSS
Exploits4References1
CVE
CVE
added 2024/12/13 12:0 a.m.314 views

CVE-2024-55956

CVE-2024-55956 affects Cleo Harmony, VLTrader, and LexiCom prior to version 5.8.0.24. The vulnerability allows unauthenticated attackers to import and execute arbitrary Bash or PowerShell commands on the host by abusing the default Autorun directory, effectively a remote code execution via an una...

9.8CVSS7.7AI score0.93804EPSS
In wildExploits4References4Affected Software3
ATTACKERKB
ATTACKERKB
added 2024/10/28 12:0 a.m.63 views

CVE-2024-50623

In Cleo Harmony before 5.8.0.21, VLTrader before 5.8.0.21, and LexiCom before 5.8.0.21, there is an unrestricted file upload and download that could lead to remote code execution. Recent assessments: sfewer-r7 at July 11, 2025 9:37am UTC reported: CVE-2024-50623 allows a remote unauthenticated...

9.8CVSS9.8AI score0.98529EPSS
In wildExploits8References2
Positive Technologies
Positive Technologies
added 2024/10/27 12:0 a.m.6 views

PT-2024-10294

Name of the Vulnerable Software and Affected Versions Cleo Harmony versions prior to 5.8.0.21 Cleo VLTrader versions prior to 5.8.0.21 Cleo LexiCom versions prior to 5.8.0.21 Description A critical vulnerability in Cleo's file transfer software is being actively exploited, allowing unauthenticate...

9.8CVSS10AI score0.98529EPSS
Exploits6References220
Rows per page
Query Builder