Filtered by vendor Comodo
Subscriptions
Filtered by product Dome Firewall
Subscriptions
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-25408 | 2 Cdome, Comodo | 2 Comodo Dome Firewall, Dome Firewall | 2026-02-20 | 6.1 Medium |
| Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the netmask_addr parameter. Attackers can send POST requests to the netwizard2 endpoint with script payloads in the netmask_addr parameter to execute arbitrary JavaScript in users' browsers. | ||||
| CVE-2019-25409 | 2 Cdome, Comodo | 2 Comodo Dome Firewall, Dome Firewall | 2026-02-20 | 6.1 Medium |
| Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the destination parameter. Attackers can send POST requests to the routing endpoint with script payloads in the destination parameter to execute arbitrary JavaScript in users' browsers. | ||||
| CVE-2019-25410 | 2 Cdome, Comodo | 2 Comodo Dome Firewall, Dome Firewall | 2026-02-20 | 6.1 Medium |
| Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts through the source and destination parameters. Attackers can submit POST requests to the policy routing endpoint with script payloads in these parameters to execute arbitrary JavaScript in users' browsers. | ||||
| CVE-2019-25411 | 2 Cdome, Comodo | 2 Comodo Dome Firewall, Dome Firewall | 2026-02-20 | 6.1 Medium |
| Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the GATEWAY_GREEN parameter. Attackers can send POST requests to the DHCP configuration endpoint with script payloads to execute arbitrary JavaScript in administrator browsers. | ||||
| CVE-2019-25412 | 2 Cdome, Comodo | 2 Comodo Dome Firewall, Dome Firewall | 2026-02-20 | 6.1 Medium |
| Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input through the NTP_SERVER_LIST parameter. Attackers can send POST requests to the /korugan/time endpoint with script payloads in the NTP_SERVER_LIST parameter to execute arbitrary JavaScript in users' browsers. | ||||
| CVE-2019-25430 | 2 Cdome, Comodo | 2 Comodo Dome Firewall, Dome Firewall | 2026-02-20 | 6.1 Medium |
| Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the username parameter. Attackers can send POST requests to the vpn_users endpoint with script payloads in the username field to execute arbitrary JavaScript in victim browsers. | ||||
Page 1 of 1.