5.1
CVE-2019-25418 - Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via fwgroups
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the FWADDRESSES parameter. Attackers can send POST requests to the /korugan/fwgroups endpoint with script payloads to execute arbitraryβ¦
5.1
CVE-2019-25417 - Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via QoS Rules
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the protocol parameter. Attackers can send POST requests to the QoS rules management endpoint with JavaScript payloads in the protocol β¦
5.1
CVE-2019-25416 - Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via device Parameter
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input through the device parameter. Attackers can send POST requests to the QoS devices management endpoint with script payloads in the device pβ¦
5.1
CVE-2019-25415 - Comodo Dome Firewall 2.7.0 Cross-Site Scripting via hotspot_permanent_users
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input to the hotspot_permanent_users endpoint. Attackers can send POST requests with JavaScript payloads in the MACADDRESSES parameter to exβ¦
5.1
CVE-2019-25414 - Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via ID Parameter Appid
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the ID parameter. Attackers can craft requests to the /manage/ips/appid/ endpoint with script payloads in the ID parameter to execute β¦
5.1
CVE-2019-25413 - Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via ID Parameter
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the ID parameter. Attackers can craft requests to the /manage/ips/rules/ endpoint with script payloads in the ID parameter to execute β¦
5.1
CVE-2019-25412 - Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via NTP_SERVER_LIST
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input through the NTP_SERVER_LIST parameter. Attackers can send POST requests to the /korugan/time endpoint with script payloads in the NTP_β¦
5.1
CVE-2019-25411 - Comodo Dome Firewall 2.7.0 Cross-Site Scripting via DHCP
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the GATEWAY_GREEN parameter. Attackers can send POST requests to the DHCP configuration endpoint with script payloads to execute arbitrary JavaScript β¦
5.1
CVE-2019-25410 - Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via policy_routing
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts through the source and destination parameters. Attackers can submit POST requests to the policy routing endpoint with script payloads in these parameters to execute aβ¦
5.1
CVE-2019-25409 - Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via routing
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the destination parameter. Attackers can send POST requests to the routing endpoint with script payloads in the destination parameter to execute arbitβ¦