Comodo Dragon Cleartext Transmission Vulnerability in IP DNS Leakage Detector
Vulnerability
A vulnerability exists in Comodo Dragon browser versions up to 134.0.6998.179, specifically within the IP DNS Leakage Detector component. This vulnerability allows for the cleartext transmission of sensitive information, which could be intercepted by unauthorized parties. The issue can be exploited remotely, although the complexity of the attack is considered high.
Impact
Exploitation of this vulnerability leads to cleartext transmission of sensitive information, allowing for potential interception and misuse of that data.
Reproduction
To reproduce this vulnerability, first modify the hosts file to direct a domain, such as google.com, to a server with HTTPS enabled but an invalid certificate. Then, access the domain in Comodo Dragon, which will bypass the certificate warning and allow the connection. Once connected, the IP/DNS Leakage Detector extension can be exploited by sending a malicious HTTP response that injects JavaScript or a phishing form, taking advantage of the browser's lack of proper security checks.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.