Comodo Dragon CVE-2025-8205
Severity by source: LOW
CVSS vector (NVD): CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
Description (CVE.org)
A vulnerability, which was classified as problematic, has been found in Comodo Dragon up to 134.0.6998.179. Affected by this issue is some unknown functionality of the component IP DNS Leakage Detector. The manipulation leads to cleartext transmission of sensitive information. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Analysis (AI)
Comodo Dragon up to version 134.0.6998.179 transmits sensitive DNS information in cleartext via its IP DNS Leakage Detector component, allowing remote attackers to intercept and read this data. The CVSS score is low at 2.9 (limited confidentiality impact); exploit code is publicly available, but exploitation is rated difficult. The vendor was notified but did not respond, and active exploitation is not confirmed despite public disclosure.
Technical Context (AI)
The vulnerability exists in Comodo Dragon's IP DNS Leakage Detector component, which is a feature designed to prevent DNS leakage in VPN and privacy-focused browser configurations. The underlying issue is CWE-310 (Cryptographic Issues), specifically the cleartext transmission of sensitive information without encryption. DNS leakage detection typically involves sending test queries to detect whether DNS requests are bypassing configured privacy tunnels; if this mechanism transmits sensitive resolver information or user identifiers over unencrypted channels (HTTP, unencrypted DNS, or similar), an attacker on the network path can passively intercept these communications. Comodo Dragon is a Chromium-based browser developed by Comodo Group, identified by CPE cpe:2.3:a:comodo:dragon:*:*:*:*:*:*:x64:*, indicating the 64-bit Windows version is affected through version 134.0.6998.179.
Remediation (AI)
Update Comodo Dragon to the latest available version beyond 134.0.6998.179; however, no patched version has been confirmed in vendor advisories since Comodo did not respond to early disclosure. As a workaround, disable the IP DNS Leakage Detector feature within Dragon's privacy or security settings if present, or use a system-level DNS privacy solution (such as encrypted DNS via DNS-over-HTTPS or DNS-over-TLS configured at the OS level) to ensure all DNS queries are encrypted regardless of the browser's behavior. For environments where Comodo Dragon is deployed, configure firewall rules to block outbound unencrypted DNS (port 53 UDP/TCP) and redirect to encrypted resolvers, or restrict the browser to networks with TLS-based DNS privacy. Disable the browser if a patched version cannot be confirmed and alternative Chromium-based browsers (Chrome, Edge, Brave) are available.
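One way to apply and verify the port 53 firewall workaround on a Windows host, as an added example that does not come from the vendor or from the CVE record. It assumes an elevated PowerShell session and an OS resolver already configured for encrypted DNS (DoH over TCP 443); the rule-name prefix is a label chosen for this example.

```powershell
#Requires -RunAsAdministrator
# Added example. Assumption: the OS resolver already uses an encrypted
# resolver (DoH on TCP 443), so normal name resolution does not need port 53.
# The rule-name prefix below is a label chosen for this example.
$prefix = 'Block cleartext DNS'

foreach ($proto in 'UDP', 'TCP') {
    $name = "$prefix ($proto/53 outbound)"
    # Idempotent: skip creation when a rule with this display name exists.
    if (-not (Get-NetFirewallRule -DisplayName $name -ErrorAction SilentlyContinue)) {
        New-NetFirewallRule -DisplayName $name `
            -Direction Outbound -Action Block `
            -Protocol $proto -RemotePort 53 `
            -Profile Any | Out-Null
    }
}

# Check 1: both rules exist, are enabled, and match remote port 53.
Get-NetFirewallRule -DisplayName "$prefix*" | ForEach-Object {
    $port = $_ | Get-NetFirewallPortFilter
    [pscustomobject]@{
        Rule       = $_.DisplayName
        Enabled    = $_.Enabled
        Action     = $_.Action
        Protocol   = $port.Protocol
        RemotePort = $port.RemotePort
    }
} | Format-Table -AutoSize

# Check 2: list any TCP sessions to remote port 53 that are still open,
# with the owning process, so a bypass or stale session is visible.
$tcp53 = Get-NetTCPConnection -RemotePort 53 -ErrorAction SilentlyContinue
if ($tcp53) {
    $tcp53 | Select-Object RemoteAddress, State,
        @{ n = 'Process'; e = { (Get-Process -Id $_.OwningProcess).ProcessName } }
} else {
    'No TCP connections to remote port 53.'
}
```

These rules cover only the port 53 channel; the CVE record does not state which protocol the detector uses, so cleartext HTTP traffic from the component would not be affected by them.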