Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-15655 | 1 D-link | 2 Dsl-2875al, Dsl-2875al Firmware | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
D-Link DSL-2875AL devices through 1.00.05 are prone to password disclosure via a simple crafted /romfile.cfg request to the web management server. This request doesn't require any authentication and will lead to saving the configuration file. The password is stored in cleartext. | |||||
CVE-2019-15656 | 1 D-link | 4 Dsl-2875al, Dsl-2875al Firmware, Dsl-2877al and 1 more | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
D-Link DSL-2875AL and DSL-2877AL devices through 1.00.05 are prone to information disclosure via a simple crafted request to index.asp on the web management server because of username_v and password_v variables. |