Vulnerabilities > Cleo

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-13 | CVE-2024-55956 | Command Injection vulnerability in Cleo Harmony, Lexicom and Vltrader. In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an unauthenticated user can import and execute arbitrary Bash or PowerShell commands on the host system by leveraging the default settings of the Autorun directory. | network, low complexity, cleo, CWE-77, critical, 9.8 |
| 2024-10-28 | CVE-2024-50623 | Unrestricted Upload of File with Dangerous Type vulnerability in Cleo Harmony, Lexicom and Vltrader. In Cleo Harmony before 5.8.0.21, VLTrader before 5.8.0.21, and LexiCom before 5.8.0.21, there is an unrestricted file upload and download that could lead to remote code execution. | network, low complexity, cleo, CWE-434, critical, 9.8 |
| 2021-06-18 | CVE-2021-33576 | Path Traversal vulnerability in Cleo Lexicom 5.5.0.0. An issue was discovered in Cleo LexiCom 5.5.0.0. | network, low complexity, cleo, CWE-22, critical, 9.8 |
| 2021-06-18 | CVE-2021-33577 | Unspecified vulnerability in Cleo Lexicom 5.5.0.0. An issue was discovered in Cleo LexiCom 5.5.0.0. | network, low complexity, cleo, 5.3 |