Comodo Unified Threat Management Web Console 2.7.0 Remote Code Execution

Exploit Title: Comodo Unified Threat Management Web Console 2.7.0 - Remote Code Execution Date: 2018-08-15 Exploit Author: Milad Fadavvi Author's LinkedIn: https://www.linkedin.com/in/fadavvi/ Vendor Homepage: https://www.comodo.com/ Version: Releases before 2.7.0 & 1.5.0 Tested on:...

CVE-2018-17431

Web Console in Comodo UTM Firewall before 2.7.0 allows remote attackers to execute arbitrary code without authentication via a crafted URL...

Authentication flaw

Web Console in Comodo UTM Firewall before 2.7.0 allows remote attackers to execute arbitrary code without authentication via a crafted URL...

CVE-2018-17431

Web Console in Comodo UTM Firewall before 2.7.0 allows remote attackers to execute arbitrary code without authentication via a crafted URL...

CVE-2018-17431

Affected software: Comodo UTM Firewall Web Console (all releases before 2.7.0, and related 1.5.0) per CVE-2018-17431. Vulnerability type & root cause: remote code execution via a crafted URL that allows an unauthenticated attacker to execute arbitrary code on the target. Descriptions across sourc...

PT-2019-9479 · Comodo · Comodo Utm Firewall

Name of the Vulnerable Software and Affected Versions: Comodo UTM Firewall versions prior to 2.7.0 Description: The issue allows remote attackers to execute arbitrary code without authentication via a crafted URL. This is related to the Web Console in Comodo UTM Firewall. Recommendations: For...

Exploit for Improper Authentication in Comodo Unified_Threat_Management_Firewall

CVE-2018-17431-PoC Proof of consept for CVE-2018-17431 E...