5.1
CVE-2019-25423 - Comodo Dome Firewall 2.7.0 Cross-Site Scripting via proxyconfig
Comodo Dome Firewall 2.7.0 contains multiple reflected cross-site scripting vulnerabilities in the /korugan/proxyconfig endpoint that allow attackers to inject malicious scripts through POST parameters. Attackers can submit crafted POST requests with JavaScript payloads in parameters like PROXY_PORβ¦
5.3
CVE-2019-25422 - Comodo Dome Firewall 2.7.0 Cross-Site Scripting via vpnfw
Comodo Dome Firewall 2.7.0 contains cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through the vpnfw endpoint. Attackers can submit POST requests with script payloads in the target parameter for reflected XSS or the remark parameter for stored XSS to execute aβ¦
5.1
CVE-2019-25421 - Comodo Dome Firewall 2.7.0 Cross-Site Scripting via policyfw
Comodo Dome Firewall 2.7.0 contains multiple cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through the policyfw endpoint. Attackers can submit POST requests with JavaScript payloads in the mac, target, and remark parameters to execute arbitrary code in adminiβ¦
5.1
CVE-2019-25420 - Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via snat
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the snat endpoint. Attackers can send POST requests with JavaScript payloads in the port or snat_to_ip parameters to execute arbitrary β¦
5.3
CVE-2019-25419 - Comodo Dome Firewall 2.7.0 Stored Cross-Site Scripting via schedule
Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the schedule endpoint. Attackers can submit POST requests with JavaScript payloads in the SCHNAME parameter to execute arbitrary code in aβ¦
5.1
CVE-2019-25418 - Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via fwgroups
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the FWADDRESSES parameter. Attackers can send POST requests to the /korugan/fwgroups endpoint with script payloads to execute arbitraryβ¦
5.1
CVE-2019-25417 - Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via QoS Rules
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the protocol parameter. Attackers can send POST requests to the QoS rules management endpoint with JavaScript payloads in the protocol β¦
5.1
CVE-2019-25416 - Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via device Parameter
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input through the device parameter. Attackers can send POST requests to the QoS devices management endpoint with script payloads in the device pβ¦
5.1
CVE-2019-25415 - Comodo Dome Firewall 2.7.0 Cross-Site Scripting via hotspot_permanent_users
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input to the hotspot_permanent_users endpoint. Attackers can send POST requests with JavaScript payloads in the MACADDRESSES parameter to exβ¦
5.1
CVE-2019-25414 - Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via ID Parameter Appid
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the ID parameter. Attackers can craft requests to the /manage/ips/appid/ endpoint with script payloads in the ID parameter to execute β¦