Security researcher Milad Fadavvi from the exploitdb website has found that Comodo has vulnerable parts of remote execution code.
The tested version are the versions released before 2.7.0 & 1.5.0.
The rapid acceptance and deployment of the internet has transformed how we build and share information today. Financial transactions, healthcare records, personal information, and government data all pass instantly through technology systems at record pace. Internet technologies have revolutionized the way people communicate, governments manage, businesses operate and society functions.
But with innovation always comes risk. Security is always the last layer to be added in any transformational idea, and malware and cyberattacks now threaten the economic and societal progress that these technology tools provide. They have created an environment of vulnerability and exposure, where individuals and corporations can’t feel they trust the experience of being online, of collaborating across geographies, of exchanging information safely.
Enter Comodo, a company that has been built upon the very foundation of trust, believing that every single digital transaction must have a built-in layer of trust and security. Thousands of companies and organizations rely on Comodo’s technology to authenticate, validate and secure their most precious asset – information – and to combat constant malware threats and cyberattacks that are creating havoc on a global scale.
According to the security seeker, hackers can easily gain access to the Comodo web console and can execute malicious remote codes.
CVE Details are here CVE-2018-17431 .