CVE-2024-50623

ENISA EUVD: EUVD-2024-45217 ↗

Exploited in the Wild ✓ Confirmed 0-Day

Triaged: March 5, 2026 6 articles Published: 2024-10-27

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23

94.01%

probability

This CVE has a 94.01% probability of being exploited in the next 30 days.

0% Top 99.9th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)

9.8

CRITICAL

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

VulnerabilityLookup (CNA)

In Cleo Harmony before 5.8.0.21, VLTrader before 5.8.0.21, and LexiCom before 5.8.0.21, there is an unrestricted file upload and download that could lead to remote code execution.

Affected Products

n/a

cleo

harmony

cleo

lexicom

cleo

vltrader

n/a

Attack Intelligence

CWE-434 · Unrestricted File Upload CWE-664 · Improper Control of a Resource Through its Lifetime CWE-669 · Incorrect Resource Transfer Between Spheres

Exploits & PoC

watchtowrlabs/CVE-2024-50623

Cleo Unrestricted file upload and download PoC (CVE-2024-50623)

25 2024-12-11

verylazytech/CVE-2024-50623

CVE-2024-50623 POC - Cleo Unrestricted file upload and download

7 2024-12-23

iSee857/Cleo-CVE-2024-50623-PoC

Cleo 远程代码执行漏洞批量检测脚本（CVE-2024-50623）

5 2025-04-01

congdong007/CVE-2024-50623-poc

0 2025-04-01

4 repos — triés par ⭐ Rechercher sur GitHub ↗

https://support.cleo.com/hc/en-us/articles/27140294267799-Cleo-Product-Security-Advisory

Signal Intelligence

Confidenceⓘ

92%

EPSS 94.01%

CVSS v3.1 9.8

Mentions 6

Last Seen Oct 17, 2025

CNA Information

CNA Assigner

mitre

Analyst Note

Article [2] explicitly names CVE-2024-50623 as a 'critical zero-day exploited in data theft attacks' by Clop threat actors. The CVE was published 2024-10-27 and articles confirm active exploitation in the wild, with the patch released simultaneously or immediately after disclosure, meeting the zero-day criteria.