IP DNS Leakage Vulnerability in Comodo Dragon Browser
CVE-2025-8205

6.3MEDIUM

Key Information:

Vendor

Comodo

Status
Dragon
Vendor
CVE Published:
26 July 2025

Badges

👾 Exploit Exists

What is CVE-2025-8205?

A vulnerability exists in the Comodo Dragon browser related to the IP DNS Leakage Detector, which could allow attackers to capture sensitive information through cleartext transmission. This issue affects versions of the browser up to 134.0.6998.179. Although the complexity of exploiting this vulnerability is considered high, the potential for remote attacks presents a significant risk. The vendor did not provide a response upon early notification regarding this security flaw, leaving users exposed to possible data interception.

Affected Version(s)

Dragon 134.0.6998.179

References

https://vuldb.com/?id.317774
vdb-entry
https://vuldb.com/?ctiid.317774
signaturepermissions-required
https://news.fmisec.com/comodo-dragon-vulnerability
exploit

CVSS V4

Score:
6.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.