CVE-2025-8205: Comodo Dragon Browser Exposes Sensitive Information via DNS Leakage
TL;DR: A vulnerability in Comodo Dragon browser allows for the cleartext transmission of sensitive information through DNS leakage. While difficult to exploit, this flaw can expose user data. Users should consider alternative browsers or monitor network activity.
Vulnerability Details
- CVE ID: CVE-2025-8205
- Description: Comodo Dragon up to version 134.0.6998.179 is vulnerable to DNS leakage in its IP DNS Leakage Detector component. This results in the cleartext transmission of sensitive information.
- CVSS v3.1 Score: 3.7 (LOW)
- CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
- CVSS v3.1 Explanation: This vulnerability has a low severity rating. The attack vector is over the network and requires high attack complexity. No privileges or user interaction are needed. The confidentiality impact is low, meaning some sensitive information may be exposed, but integrity and availability are not affected.
- CVSS v4.0 Score: 6.3 (MEDIUM)
- CVSS v4.0 Vector: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- CVSS v4.0 Explanation: This vulnerability has a medium severity rating with a proof of concept exploit available. The attack vector is over the network and requires high attack complexity. No privileges or user interaction are needed. The confidentiality impact is low, meaning some sensitive information may be exposed.
- Exploit Requirements: Exploitation is considered difficult.
- Affected Vendor: Comodo
- Affected Product: Dragon
- Affected Version: Up to 134.0.6998.179
- CWE: CWE-310 (Cryptographic Issues) and CWE-319 (Cleartext Transmission of Sensitive Information). CWE-310 indicates problems with the use of cryptography, while CWE-319 specifically describes the transmission of sensitive data in an unencrypted format.
Timeline of Events
- 2025-07-26: Vulnerability reported to VulDB.
- 2025-07-26: CVE ID assigned.
Exploitability & Real-World Risk
While the complexity of exploiting this vulnerability is high, the potential impact is still a concern. DNS leakage can reveal browsing history, location data, and other sensitive information to malicious actors. This information can be used for targeted phishing attacks, identity theft, or other malicious activities. The existence of a public exploit increases the risk.
Recommendations
- Upgrade: Upgrade to a patched version of Comodo Dragon, if one becomes available. Check the Comodo website for updates. However, the vendor did not respond to the initial disclosure, so an update may be unlikely.
- Use a VPN: Employ a Virtual Private Network (VPN) to encrypt your internet traffic and prevent DNS leakage.
- Alternative Browser: Consider switching to a more secure browser with built-in DNS leak protection.
- Monitor Network Activity: Monitor your network traffic for unusual DNS requests or connections.
Technical Insight
The vulnerability stems from how Comodo Dragon handles DNS requests. Instead of using encrypted channels, the browser may send DNS queries in cleartext, allowing attackers to intercept and read this information. This is particularly problematic when accessing sensitive websites or services.
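The following added example, which is not from the advisory or from Comodo, parses plain UDP/53 DNS queries the way a network monitor would. It shows that the queried hostname is readable on the wire and flags queries sent to a resolver outside an expected set. The function names, the resolver allow-list and the sample packets (documentation IP ranges, example domains) are assumptions constructed for illustration.

```python
import struct

def build_query(hostname, qtype=1, txid=0x1234):
    """Build an RFC 1035 query message; used only to construct sample input."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in hostname.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN

def parse_query(payload):
    """Return (txid, hostname, qtype) read straight from an unencrypted query."""
    if len(payload) < 12:
        raise ValueError("shorter than the 12-byte DNS header")
    txid, flags, qdcount = struct.unpack("!HHH", payload[:6])
    if flags & 0x8000 or qdcount < 1:
        raise ValueError("not a DNS query")
    labels, pos = [], 12
    while pos < len(payload) and payload[pos] != 0:
        length = payload[pos]
        if length > 63 or pos + 1 + length > len(payload):
            raise ValueError("bad label length")
        labels.append(payload[pos + 1:pos + 1 + length].decode("ascii", "replace"))
        pos += 1 + length
    if pos + 5 > len(payload):  # need the zero terminator plus QTYPE and QCLASS
        raise ValueError("truncated question")
    qtype, _qclass = struct.unpack("!HH", payload[pos + 1:pos + 5])
    return txid, ".".join(labels), qtype

def cleartext_dns_findings(packets, expected_resolvers):
    """packets: (dst_ip, dst_port, udp_payload) tuples. The last field of each
    finding is True when the resolver is not one the host is expected to use."""
    findings = []
    for dst_ip, dst_port, payload in packets:
        if dst_port != 53:
            continue
        try:
            _txid, name, qtype = parse_query(payload)
        except ValueError:
            continue  # not parseable as a plain DNS query
        findings.append((dst_ip, name, qtype, dst_ip not in expected_resolvers))
    return findings

# Constructed sample traffic (documentation IP ranges and example domains).
SAMPLE = [
    ("192.0.2.53", 53, build_query("mail.example.com")),
    ("198.51.100.7", 53, build_query("intranet.example.org", qtype=28)),
    ("192.0.2.53", 443, b"\x16\x03\x01\x00\x05hello"),
]
```

Every finding returned is a hostname an on-path observer could also read; the entries marked True are the ones that left the expected resolver path and deserve a closer look.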
Credit to Researcher(s)
This vulnerability was reported by FMISec.
Tags
CVE-2025-8205, Comodo Dragon, DNS Leakage, Security, Vulnerability, Cleartext Transmission
Summary: Comodo Dragon browser is vulnerable to DNS leakage, potentially exposing sensitive user data through cleartext transmission. The vulnerability is rated as low severity, but users are advised to take precautions such as using a VPN or switching to a more secure browser.
CVE ID: CVE-2025-8205
Risk Analysis: Successful exploitation can lead to the exposure of sensitive user information, such as browsing history and location data, potentially leading to targeted attacks and identity theft.
Recommendation: Users are advised to use a VPN, switch to a more secure browser, and monitor their network activity for unusual DNS requests.
Timeline
- 2025-07-26: Vulnerability reported to VulDB and CVE ID assigned.