Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor D-link Subscribe
Filtered by product Dsl-2875al
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-15655 1 D-link 2 Dsl-2875al, Dsl-2875al Firmware 2021-07-21 5.0 MEDIUM 7.5 HIGH
D-Link DSL-2875AL devices through 1.00.05 are prone to password disclosure via a simple crafted /romfile.cfg request to the web management server. This request doesn't require any authentication and will lead to saving the configuration file. The password is stored in cleartext.
CVE-2019-15656 1 D-link 4 Dsl-2875al, Dsl-2875al Firmware, Dsl-2877al and 1 more 2021-07-21 5.0 MEDIUM 7.5 HIGH
D-Link DSL-2875AL and DSL-2877AL devices through 1.00.05 are prone to information disclosure via a simple crafted request to index.asp on the web management server because of username_v and password_v variables.