CVE-2024-50623: Cleo File Transfer RCE
What is the Cleo file transfer vulnerability?
An unrestricted file upload and download vulnerability in Cleo file transfer products. Unauthenticated attackers can execute arbitrary commands by uploading a malicious autorun file to the server. Exploited by the Cl0p ransomware group.
Impact & Exploitation
Cl0p mass exploitation campaign targeting 60+ organizations. Third MOVEit-style attack on managed file transfer products. Affects enterprises using Cleo for B2B file exchange.
How Precogs AI Detects Cleo File Transfer RCE
Precogs AI detects unrestricted file upload and autorun vulnerabilities in compiled file transfer applications, identifying exploitation vectors in managed file transfer bundles.
Precogs Research
This vulnerability intelligence report was analyzed and enriched by the Precogs AI Security Team. Our researchers continuously monitor emerging threats across AI code, LLM pipelines, and binary architectures to ensure accurate real-time remediation guidance.