Researchers have discovered vulnerabilities in D-Link and Comba Telecom routers that can leak passwords for the devices. Flaws can potentially affect every device and user on the network by directing them to malicious websites or blocking their access to important data or resources. The vulnerabilities involve insecure storage of credentials, including three where cleartext credentials are available to any user with network access to the device, Trustwave said in a blog post. Trustwave cautioned users to take the vulnerabilities very seriously. The company said it made multiple attempts to notify both companies of the vulnerabilities after their discovery.
Source: https://threatpost.com/vulnerabilities-in-d-link-comba-routers-can-leak-credentials/148150/