Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Comodo — Vulnerabilities & Security Advisories 42

Browse all 42 CVE security advisories affecting Comodo. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Comodo operates primarily as a cybersecurity vendor, offering endpoint protection, identity management, and secure browsing solutions to enterprise and consumer markets. Its software portfolio, including the widely used Comodo Internet Security suite, has historically been associated with a significant number of Common Vulnerabilities and Exposures (CVEs), currently totaling 42. These vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation or insecure default configurations within its desktop agents and cloud-based services. Notable incidents include past exploits that allowed attackers to bypass security controls or execute arbitrary code on affected systems. The high volume of disclosed CVEs highlights ongoing challenges in maintaining robust code hygiene across its extensive product line, necessitating rigorous patch management for organizations relying on its endpoint protection infrastructure.

Top products by Comodo: Comodo Dome Firewall Internet Security Pro Internet Security Premium Dragon Comodo Antivirus Firewall
CVE IDTitleCVSSSeverityPublished
CVE-2019-25430 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via vpn_users — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2019-25429 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via openvpn_advanced — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2019-25428 Comodo Dome Firewall 2.7.0 Cross-Site Scripting via openvpn_users — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2019-25427 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via antispyware — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2019-25426 Comodo Dome Firewall 2.7.0 Cross-Site Scripting via dnsmasq — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2019-25425 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via smtpconfig — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2019-25424 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via https_exceptions — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2019-25423 Comodo Dome Firewall 2.7.0 Cross-Site Scripting via proxyconfig — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2019-25422 Comodo Dome Firewall 2.7.0 Cross-Site Scripting via vpnfw — Comodo Dome FirewallCWE-79 7.2 High2026-02-19
CVE-2019-25421 Comodo Dome Firewall 2.7.0 Cross-Site Scripting via policyfw — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2019-25420 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via snat — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2019-25419 Comodo Dome Firewall 2.7.0 Stored Cross-Site Scripting via schedule — Comodo Dome FirewallCWE-79 7.2 High2026-02-19
CVE-2019-25418 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via fwgroups — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2019-25416 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via device Parameter — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2019-25417 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via QoS Rules — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2019-25415 Comodo Dome Firewall 2.7.0 Cross-Site Scripting via hotspot_permanent_users — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2019-25414 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via ID Parameter Appid — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2019-25413 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via ID Parameter — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2019-25412 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via NTP_SERVER_LIST — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2019-25411 Comodo Dome Firewall 2.7.0 Cross-Site Scripting via DHCP — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2019-25410 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via policy_routing — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2019-25409 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via routing — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2019-25408 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via netwizard2 — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2019-25407 Comodo Dome Firewall 2.7.0 Cross-Site Scripting via backupschedule — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2019-25406 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via organization Parameter — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2019-25405 Comodo Dome Firewall 2.7.0 Stored Cross-Site Scripting via license_activation — Comodo Dome FirewallCWE-79 7.2 High2026-02-19
CVE-2019-25404 Comodo Dome Firewall 2.7.0 Stored Cross-Site Scripting via admins — Comodo Dome FirewallCWE-79 6.4 Medium2026-02-19
CVE-2019-25403 Comodo Dome Firewall 2.7.0 Stored Cross-Site Scripting via admin_profiles — Comodo Dome FirewallCWE-79 6.4 Medium2026-02-19
CVE-2019-25402 Comodo Dome Firewall 2.7.0 Cross-Site Scripting via login — Comodo Dome FirewallCWE-79 6.1 Medium2026-02-19
CVE-2025-8206 Comodo Dragon IP DNS Leakage Detector cross site scripting — DragonCWE-79 3.1 Low2025-07-26

This page lists every published CVE security advisory associated with Comodo. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.