VYPR

DSL-2875AL

by Dlink

CVEs (2)

  • CVE-2019-15656Mar 19, 2020
    risk 0.00cvss epss 0.01

    D-Link DSL-2875AL and DSL-2877AL devices through 1.00.05 are prone to information disclosure via a simple crafted request to index.asp on the web management server because of username_v and password_v variables.

  • CVE-2019-15655Mar 19, 2020
    risk 0.00cvss epss 0.01

    D-Link DSL-2875AL devices through 1.00.05 are prone to password disclosure via a simple crafted /romfile.cfg request to the web management server. This request doesn't require any authentication and will lead to saving the configuration file. The password is stored in cleartext.