775 matches found
Comodo Unified Threat Management Web Console - Remote Code Execution
Comodo Firewall & Central Manager UTM All Release before 2.7.0 & 1.5.0 are susceptible to a web shell based remote code execution vulnerability. id: CVE-2018-17431 info: name: Comodo Unified Threat Management Web Console - Remote Code Execution author: dwisiswant0 severity: critical description:...
OpenEDR 安全漏洞
OpenEDR is an open-source terminal detection and response security platform developed by Comodo Cyber Security. Version 2.5.1.0 of OpenEDR contains a security vulnerability. This vulnerability stems from the ability to bypass the system’s defense mechanisms by renaming malicious executable files,...
CLSA-2026-1772645603 Update of ca-certificates
update to CKBI 2.82 from NSS 3.120 - updated certificates: - Certificate "GlobalSign Root CA" - Certificate "Entrust.net Premium 2048 Secure Server CA" - Certificate "Comodo AAA Services root" - Certificate "XRamp Global CA Root" - Certificate "Go Daddy Class 2 CA" - Certificate "Starfield Class...
CLSA-2026-1772644488 Update of ca-certificates
update to CKBI 2.82 from NSS 3.121 - updated certificates: - Certificate "GlobalSign Root CA" - Certificate "Entrust.net Premium 2048 Secure Server CA" - Certificate "Comodo AAA Services root" - Certificate "XRamp Global CA Root" - Certificate "Go Daddy Class 2 CA" - Certificate "Starfield Class...
CLSA-2026-1772644297 Update of ca-certificates
update to CKBI 2.82 from NSS 3.120 - updated certificates: - Certificate "GlobalSign Root CA" - Certificate "Entrust.net Premium 2048 Secure Server CA" - Certificate "Comodo AAA Services root" - Certificate "XRamp Global CA Root" - Certificate "Go Daddy Class 2 CA" - Certificate "Starfield Class...
CLSA-2026-1772644086 Update of nss
update to CKBI 2.82 from NSS 3.120 - updated certificates: - Certificate "GlobalSign Root CA" - Certificate "Entrust.net Premium 2048 Secure Server CA" - Certificate "Comodo AAA Services root" - Certificate "XRamp Global CA Root" - Certificate "Go Daddy Class 2 CA" - Certificate "Starfield Class...
CLSA-2026-1772027218 Update of ca-certificates
update to CKBI 2.82 from NSS 3.120 - updated certificates: - Certificate "Entrust.net Premium 2048 Secure Server CA" - Certificate "Entrust Root Certification Authority" - Certificate "ePKI Root Certification Authority" - Certificate "AffirmTrust Commercial" - Certificate "AffirmTrust Networking"...
CVE-2019-25429
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the openvpnadvanced endpoint. Attackers can inject JavaScript code through the GLOBALNETWORKS and GLOBALDNS parameters via POST...
CVE-2019-25430
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the username parameter. Attackers can send POST requests to the vpnusers endpoint with script payloads in the usernam...
CVE-2019-25430
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the username parameter. Attackers can send POST requests to the vpnusers endpoint with script payloads in the usernam...
CVE-2019-25424
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input to the EXCEPTIONSITELIST parameter. Attackers can craft POST requests to the httpsexceptions endpoint with script payloads to execut...
CVE-2019-25424
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input to the EXCEPTIONSITELIST parameter. Attackers can craft POST requests to the httpsexceptions endpoint with script payloads to execut...
CVE-2019-25427
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the antispyware endpoint. Attackers can send POST requests with JavaScript payloads in the DNSMASQWHITELIST or DNSMASQBLACKLIST...
CVE-2019-25426
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the dnsmasq endpoint. Attackers can send POST requests with script payloads in the TRANSPARENTSOURCEBYPASS or...
CVE-2019-25427
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the antispyware endpoint. Attackers can send POST requests with JavaScript payloads in the DNSMASQWHITELIST or DNSMASQBLACKLIST...
CVE-2019-25428
Comodo Dome Firewall 2.7.0 contains multiple reflected cross-site scripting vulnerabilities in the openvpnusers endpoint that allow attackers to inject malicious scripts through POST parameters. Attackers can submit crafted POST requests with script payloads in the username, remotenets,...
CVE-2019-25425
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the VIRUSADMIN parameter. Attackers can send POST requests to the smtpconfig endpoint with script payloads to execute arbitrary...
CVE-2019-25428
Comodo Dome Firewall 2.7.0 contains multiple reflected cross-site scripting vulnerabilities in the openvpnusers endpoint that allow attackers to inject malicious scripts through POST parameters. Attackers can submit crafted POST requests with script payloads in the username, remotenets,...
CVE-2019-25425
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the VIRUSADMIN parameter. Attackers can send POST requests to the smtpconfig endpoint with script payloads to execute arbitrary...
CVE-2019-25426
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the dnsmasq endpoint. Attackers can send POST requests with script payloads in the TRANSPARENTSOURCEBYPASS or...