8.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-50623

GHSA ID

GHSA-8j74-v9cr-x39h

EPSS Score

0.99877%

CWE

CWE-79

Published

10/28/2024

Updated

12/10/2024

KEV Status

Yes

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-50623

CVE-2024-50623: Unrestricted File Upload and Download in Cleo Harmony, VLTrader, and LexiCom

In Cleo Harmony before 5.8.0.21, VLTrader before 5.8.0.21, and LexiCom before 5.8.0.21, there is an unrestricted file upload and download that could lead to remote code execution.

(GitHub Advisory)

8.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-50623

GHSA ID

GHSA-8j74-v9cr-x39h

EPSS Score

0.99877%

CWE

CWE-79

Published

10/28/2024

Updated

12/10/2024

KEV Status

Yes

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Intelligence
Miggo AI

Root Cause Analysis:

In progress

WAF Protection Rules

WAF Rule

In *l*o **rmony ***or* *.*.*.**, VLTr***r ***or* *.*.*.**, *n* L*xi*om ***or* *.*.*.**, t**r* is *n unr*stri*t** *il* uplo** *n* *ownlo** t**t *oul* l*** to r*mot* *o** *x**ution.

Reasoning

No *n*lysis *v*il**l*

8.8

Basic Information

Concerned about an active attack path?

CVE-2024-50623: Unrestricted File Upload and Download in Cleo Harmony, VLTrader, and LexiCom

8.8

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI