CVE Details
Basic Information
| Title | Comodo Internet Security Premium File Name path traversal |
|---|---|
| Type | cve |
| Published | 2025-07-06T23:02:05.835Z |
| Modified | 2025-07-06T23:02:05.835Z |
Product Information
| Vendor | Comodo |
|---|---|
| Product | Internet Security Premium |
| Version | 12.3.4.8162 |
CVSS Information
| Base Score | 6.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A path traversal vulnerability in Comodo Internet Security Premium allows remote attackers to access files outside the intended directory. This could lead to unauthorized file access and potential system compromise. The vulnerability is considered critical, and exploit details are publicly available, but no patch has been released by the vendor. |
|---|---|
| AI Severity | Medium |
| AI Vendor | Comodo |
| AI Product | Internet Security Premium |
| AI Version | 12.3.4.8162 |
Affected Products
- Comodo Internet Security Premium 12.3.4.8162
Additional Information
| CWE List | CWE-22 |
|---|---|
| Source | VulDB |
Description
A vulnerability, which was classified as critical, was found in Comodo Internet Security Premium 12.3.4.8162. Affected is an unknown function of the component File Name Handler. The manipulation of the argument name/folder leads to path traversal. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.