Dlink: >> Dsl-2875al Security Vulnerabilities
D-Link DSL-2875AL devices through 1.00.05 are prone to password disclosure via a simple crafted /romfile.cfg request to the web management server. This request doesn't require any authentication and will lead to saving the configuration file. The password is stored in cleartext.
CVSS Score
7.5
EPSS Score
0.013
Published
2020-03-19
D-Link DSL-2875AL and DSL-2877AL devices through 1.00.05 are prone to information disclosure via a simple crafted request to index.asp on the web management server because of username_v and password_v variables.
CVSS Score
7.5
EPSS Score
0.012
Published
2020-03-19