CVE-2019-25429

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the openvpnadvanced endpoint. Attackers can inject JavaScript code through the GLOBALNETWORKS and GLOBALDNS parameters via POST...

CVE-2019-25429

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the openvpnadvanced endpoint. Attackers can inject JavaScript code through the GLOBALNETWORKS and GLOBALDNS parameters via POST...

CVE-2019-25429

CVE-2019-25429 : Affected product is Comodo Dome Firewall 2.7.0. The vulnerability is a reflected cross-site scripting (XSS) flaw in the openvpn_advanced endpoint, allowing an attacker to inject JavaScript into a victim’s browser by submitting crafted input through the GLOBAL_NETWORKS and GLOBAL_...

CVE-2019-25429

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the openvpnadvanced endpoint. Attackers can inject JavaScript code through the GLOBALNETWORKS and GLOBALDNS parameters via POST...

CVE-2019-25429 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via openvpn_advanced

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the openvpnadvanced endpoint. Attackers can inject JavaScript code through the GLOBALNETWORKS and GLOBALDNS parameters via POST...

PT-2026-20832

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the openvpn advanced endpoint. Attackers can inject JavaScript code through the GLOBAL NETWORKS and GLOBAL DNS parameters via POST...

CVE-2025-53577

CVE-2025-53577 : WordPress plugin Global DNS (versions up to 3.1.0) suffers an improper control of code generation leading to Remote Code Execution (RCE)/Remote Code Inclusion. The issue, described as a Code Injection vulnerability, is exploitable remotely over the network and is rated with a hig...

PT-2025-33988 · Thehp · Thehp Global Dns

Name of the Vulnerable Software and Affected Versions: thehp Global DNS versions n/a through 3.1.0 Description: Improper Control of Generation of Code 'Code Injection' in thehp Global DNS allows Remote Code Inclusion. Recommendations: Versions prior to 3.1.0 are affected...

[SECURITY] Fedora 33 Update: dnsmasq-2.85-1.fc33

Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP server. It is designed to provide DNS and, optionally, DHCP, to a small network. It can serve the names of local machines which are not in the global DNS. The DHCP server integrates with the DNS server and allows machines with...

The Benefits of a Single Provider DNS Platform

I've written in previous blogs about the value of using DNS as a security control point and how using a DNS based security solution like Akamai's Enterprise Threat Protector can help accelerate your transition to a Zero Trust security approach. In this blog, I'm going to cover how in addition to...

DNS Infrastructure Hijacking Campaign

The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and Infrastructure Security Agency CISA, is aware of a global Domain Name System DNS infrastructure hijacking campaign. Using compromised credentials, an attacker can modify the location to which an...