Comodo Dome Firewall 2.7.0 Stored Cross-Site Scripting via admins

Advisories

Comodo Dome Firewall 2.7.0 Stored Cross-Site Scripting via admins

severity: medium
date: 2/19/2026
Affecting: Comodo Dome Firewall <= 2.7.0
CVE: CVE-2019-25404
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS: 5.1
CVSS V4 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
References: ExploitDB-46408
Comodo Dome Firewall Official Homepage
Comodo Dome Firewall Purchase/Trial Page
Credit: Ozer Goker
Description: Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input through admin management parameters. Attackers can inject script payloads in the admin_name, name, and surname parameters via POST requests to the /korugan/admins endpoint, which are stored and executed when administrators access the interface.

Ready to get Started?

Explore VulnCheck, a next-generation Cyber Threat Intelligence platform, which provides exploit and vulnerability intelligence to help you prioritize and remediate vulnerabilities that matter.

Vulnerability Prioritization
Prioritize vulnerabilities that matter based on the threat landscape and defer vulnerabilities that don't.
Early Warning System
Real-time alerting of changes in the vulnerability landscape so that you can take action before the attacks start.

Schedule a Demo