Filtered by vendor Dlink Subscriptions
Filtered by product Dsl-2875al Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-15656 1 Dlink 4 Dsl-2875al, Dsl-2875al Firmware, Dsl-2877al and 1 more 2024-11-21 7.5 High
D-Link DSL-2875AL and DSL-2877AL devices through 1.00.05 are prone to information disclosure via a simple crafted request to index.asp on the web management server because of username_v and password_v variables.
CVE-2019-15655 1 Dlink 2 Dsl-2875al, Dsl-2875al Firmware 2024-11-21 7.5 High
D-Link DSL-2875AL devices through 1.00.05 are prone to password disclosure via a simple crafted /romfile.cfg request to the web management server. This request doesn't require any authentication and will lead to saving the configuration file. The password is stored in cleartext.