vulnerability
Cleo VLTrader: CVE-2024-50623: Unauthenticated Remote Execution
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Dec 3, 2024 | Dec 23, 2024 | Nov 21, 2025 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Dec 3, 2024
Added
Dec 23, 2024
Modified
Nov 21, 2025
Description
In Cleo VLTrader, prior version 5.8.0.21, there is an unrestricted file upload and download vulnerability that could lead to remote execution.
Solution
cleo-vltrader-upgrade-cve-2024-50623-remote
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.