Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-15655 | 2 D-link, Dlink | 2 Dsl-2875al Firmware, Dsl-2875al | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| D-Link DSL-2875AL devices through 1.00.05 are prone to password disclosure via a simple crafted /romfile.cfg request to the web management server. This request doesn't require any authentication and will lead to saving the configuration file. The password is stored in cleartext. | |||||
| CVE-2019-15656 | 2 D-link, Dlink | 4 Dsl-2875al Firmware, Dsl-2877al Firmware, Dsl-2875al and 1 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| D-Link DSL-2875AL and DSL-2877AL devices through 1.00.05 are prone to information disclosure via a simple crafted request to index.asp on the web management server because of username_v and password_v variables. | |||||