11 matches found
CVE-2019-25429
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the openvpnadvanced endpoint. Attackers can inject JavaScript code through the GLOBALNETWORKS and GLOBALDNS parameters via POST...
CVE-2019-25429
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the openvpnadvanced endpoint. Attackers can inject JavaScript code through the GLOBALNETWORKS and GLOBALDNS parameters via POST...
CVE-2019-25429 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via openvpn_advanced
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the openvpnadvanced endpoint. Attackers can inject JavaScript code through the GLOBALNETWORKS and GLOBALDNS parameters via POST...
CVE-2019-25429
CVE-2019-25429 : Affected product is Comodo Dome Firewall 2.7.0. The vulnerability is a reflected cross-site scripting (XSS) flaw in the openvpn_advanced endpoint, allowing an attacker to inject JavaScript into a victim’s browser by submitting crafted input through the GLOBAL_NETWORKS and GLOBAL_...
CVE-2019-25429 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via openvpn_advanced
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the openvpnadvanced endpoint. Attackers can inject JavaScript code through the GLOBALNETWORKS and GLOBALDNS parameters via POST...
CVE-2019-25429
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the openvpnadvanced endpoint. Attackers can inject JavaScript code through the GLOBALNETWORKS and GLOBALDNS parameters via POST...
PT-2026-20832
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the openvpn advanced endpoint. Attackers can inject JavaScript code through the GLOBAL NETWORKS and GLOBAL DNS parameters via POST...
Iranian Government-Sponsored MuddyWater Actors Conducting Malicious Cyber Operations
CISA, the Federal Bureau of Investigation FBI, U.S. Cyber Command Cyber National Mission Force CNMF, the United Kingdom’s National Cyber Security Centre NCSC-UK, and the National Security Agency NSA have issued a joint Cybersecurity Advisory CSA detailing malicious cyber operations by Iranian...
Relentless Log4j Attacks Include State Actors, Possible Worm
Call it a “logjam” of threats: Attackers including nation-state actors have already targeted half of all corporate global networks in security companies’ telemetry using at least 70 distinct malware families — and the fallout from the Log4j vulnerability is just beginning. Researchers manning...
Sophos Products - Multiple Vulnerabilities
Sophos Products - Multiple Vulnerabilities List, I've completed the second paper in my series analyzing Sophos Antivirus internals, titled "Practical Attacks against Sophos Antivirus". As the name suggests, this paper describes realistic attacks against networks using Sophos products. The paper...
Report: FCC May Push ISPs To Crack Down on Botnets
We’ve known for a long time that botnets are the Madwoman in the Attic at most major Internet service providers ISPs- an unseemly and occasionally embarrassing presence that is occasionally dealt with, but usually silently tolerated. But now, it seems, there’s pressure mounting on ISPs to do...