CVE-2019-15655
CVE-2019-15655 affects D-Link DSL-2875AL devices (firmware 1.00.05 and earlier). A crafted unauthenticated request to the web management endpoint /romfile.cfg allows password disclosure by saving the configuration file, with the password stored in cleartext. The vulnerability is described across ...