CVE-2019-25423

Name of the Vulnerable Software and Affected Versions Comodo Dome Firewall version 2.7.0

Description Reflected cross-site scripting issues exist in the "/korugan/proxyconfig" endpoint. Attackers can inject malicious scripts by submitting crafted POST requests containing JavaScript payloads through the PROXY PORT, VISIBLE HOSTNAME, ADMIN MAIL ADDRESS, CACHE MEM, MAX SIZE, MIN SIZE, and DST NOCACHE parameters, leading to arbitrary script execution in administrator browsers.

Recommendations As a temporary workaround, restrict access to the "/korugan/proxyconfig" endpoint or avoid using the PROXY PORT, VISIBLE HOSTNAME, ADMIN MAIL ADDRESS, CACHE MEM, MAX SIZE, MIN SIZE, and DST NOCACHE parameters until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.