CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 1CVE-2025-7098 – Comodo Internet Security Premium File Name path traversal
https://notcve.org/view.php?id=CVE-2025-7098
06 Jul 2025 — A vulnerability, which was classified as critical, was found in Comodo Internet Security Premium 12.3.4.8162. Affected is an unknown function of the component File Name Handler. The manipulation of the argument name/folder leads to path traversal. It is possible to launch the attack remotely. The complexity of an attack is rather high. • https://drive.google.com/file/d/1qnWarYsTSc5_sV6o8ULv0LBvGfKKXPxn/view?usp=sharing • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.2EPSS: 0%CPEs: 1EXPL: 1CVE-2025-7097 – Comodo Internet Security Premium Manifest File cis_update_x64.xml os command injection
https://notcve.org/view.php?id=CVE-2025-7097
06 Jul 2025 — A vulnerability, which was classified as critical, has been found in Comodo Internet Security Premium 12.3.4.8162. This issue affects some unknown processing of the file cis_update_x64.xml of the component Manifest File Handler. The manipulation of the argument binary/params leads to os command injection. The attack may be initiated remotely. The complexity of an attack is rather high. • https://drive.google.com/file/d/1qnWarYsTSc5_sV6o8ULv0LBvGfKKXPxn/view?usp=sharing • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.2EPSS: 0%CPEs: 1EXPL: 1CVE-2025-7096 – Comodo Internet Security Premium Manifest File cis_update_x64.xml integrity check
https://notcve.org/view.php?id=CVE-2025-7096
06 Jul 2025 — A vulnerability classified as critical was found in Comodo Internet Security Premium 12.3.4.8162. This vulnerability affects unknown code of the file cis_update_x64.xml of the component Manifest File Handler. The manipulation leads to improper validation of integrity check value. The attack can be initiated remotely. The complexity of an attack is rather high. • https://drive.google.com/file/d/1qnWarYsTSc5_sV6o8ULv0LBvGfKKXPxn/view?usp=sharing • CWE-345: Insufficient Verification of Data Authenticity CWE-354: Improper Validation of Integrity Check Value •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-7095 – Comodo Internet Security Premium Update certificate validation
https://notcve.org/view.php?id=CVE-2025-7095
06 Jul 2025 — A vulnerability classified as critical has been found in Comodo Internet Security Premium 12.3.4.8162. This affects an unknown part of the component Update Handler. The manipulation leads to improper certificate validation. It is possible to initiate the attack remotely. The complexity of an attack is rather high. • https://drive.google.com/file/d/1qnWarYsTSc5_sV6o8ULv0LBvGfKKXPxn/view?usp=sharing • CWE-287: Improper Authentication CWE-295: Improper Certificate Validation •