CVE-2019-15655
19.03.2020, 18:15
D-Link DSL-2875AL devices through 1.00.05 are prone to password disclosure via a simple crafted /romfile.cfg request to the web management server. This request doesn't require any authentication and will lead to saving the configuration file. The password is stored in cleartext.Enginsight
| Vendor | Product | Version |
|---|---|---|
| dlink | dsl-2875al_firmware | 𝑥 ≤ 1.00.05 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration