Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-1330Firewall PRO vulnerability

4 documents4 sources
Severity
4.4MEDIUMNVD
EPSS
0.2%
top 58.17%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Comodo Firewall PRO
Timeline
PublishedMar 7
Latest updateMay 1

Description

Comodo Firewall Pro (CFP) (formerly Comodo Personal Firewall) 2.4.18.184 and earlier allows local users to bypass driver protections on the HKLM\SYSTEM\Software\Comodo\Personal Firewall registry key by guessing the name of a named pipe under \Device\NamedPipe\OLE and attempting to open it multiple times.

CVSS vector

AV:L/AC:M/C:P/I:P/A:PExploitability: 3.4 | Impact: 6.4

Affected Packages1 packages

NVDcomodo/comodo_firewall_pro2.4.16.174, 2.4.17.183, 2.4.18.184+2

🔴Vulnerability Details

2
GHSA
GHSA-4gf9-6xwj-3w66: Comodo Firewall Pro (CFP) (formerly Comodo Personal Firewall) 22022-05-01
CVEList
CVE-2007-1330: Comodo Firewall Pro (CFP) (formerly Comodo Personal Firewall) 22007-03-07

💥Exploits & PoCs

1
Exploit-DB
Comodo Firewall Pro 2.4.x - Local Protection Mechanism Bypass2007-03-01
CVE-2007-1330 — Comodo Firewall PRO vulnerability | cvebase