CVE-2024-50623 PoC — Cleo多款产品安全漏洞

Source

https://github.com/iSee857/Cleo-CVE-2024-50623-PoC

Associated Vulnerability

Title:Cleo多款产品安全漏洞 (CVE-2024-50623)
Description:Cleo LexiCom等都是Cleo公司的产品。Cleo LexiCom是一个集成平台。Cleo Harmony是一个文件集成解决方案。Cleo VLTrader是一个安全托管文件传输软件。 Cleo多款产品存在安全漏洞，该漏洞源于包含一个JavaScript注入问题。以下产品及版本受到影响：Cleo Harmony 5.8.0.20版本之前，VLTrader 5.8.0.20版本之前和LexiCom 5.8.0.20版本。

Description

Cleo 远程代码执行漏洞批量检测脚本（CVE-2024-50623）

Readme

复现过程见：

https://blog.csdn.net/xc_214/article/details/144850719?sharetype=blogdetail&sharerId=144850719&sharerefer=PC&sharesource=xc_214&spm=1011.2480.3001.8118

批量检测：

python poc.py -f url.txt

单个检测：

python poc.py -u your-ip


![image](https://github.com/user-attachments/assets/13280478-bef9-4a94-9321-aae3c3767cd6)

File Snapshot


 [4.0K]  /data/pocs/a5d966e77f0ddfbfbb158f8c8d3c9a3100c9a878
├── [5.5K]  CVE-2024-50623.py
└── [ 350]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2024-50623 PoC — Cleo多款产品 安全漏洞