CVE-2019-25706
Received Received - Intake
Unauthenticated File Disclosure in DR-810 Exposes Router Backups

Publication date: 2026-04-12

Last updated on: 2026-04-12

Assigner: VulnCheck

Description
Across DR-810 contains an unauthenticated file disclosure vulnerability that allows remote attackers to download the rom-0 backup file containing sensitive information by sending a simple GET request. Attackers can access the rom-0 endpoint without authentication to retrieve and decompress the backup file, exposing router passwords and other sensitive configuration data.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-12
Last Modified
2026-04-12
Generated
2026-06-16
AI Q&A
2026-04-13
EPSS Evaluated
2026-06-15
NVD
CVE-2019-25706
EUVD
EUVD-2019-20136
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
across dr-810 to rom-0 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-538 The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Mitigation Strategies

To mitigate the CVE-2019-25706 vulnerability, immediate steps include restricting access to the router's web interface, especially the /rom-0 endpoint, by implementing network-level controls such as firewall rules to block external HTTP requests to this path.

Additionally, updating the router firmware to a version that patches this vulnerability or applying any available vendor-provided security updates is critical.

If firmware updates are not immediately available, disabling the RomPager web server or limiting its accessibility to trusted internal networks can reduce exposure.

Executive Summary

CVE-2019-25706 is an unauthenticated file disclosure vulnerability affecting the Across DR-810 router firmware. It allows remote attackers to download the router's rom-0 backup file by sending a simple HTTP GET request to the /rom-0 endpoint without needing any authentication.

The rom-0 backup file contains sensitive information such as router passwords and configuration data. Attackers can retrieve and decompress this file to access confidential credentials, compromising the security of the device.

Impact Analysis

This vulnerability can have a significant impact by exposing sensitive router information to unauthorized attackers.

  • Attackers can obtain router passwords and configuration details.
  • Unauthorized access to the router can lead to further network compromise.
  • Since no authentication or user interaction is required, the attack can be executed remotely and easily.
Detection Guidance

This vulnerability can be detected by attempting to access the rom-0 backup file on the target device using an unauthenticated HTTP GET request to the "/rom-0" endpoint.

  • Use a command like: curl http://<target-ip>/rom-0
  • If the rom-0 file is downloaded successfully without authentication, the device is vulnerable.
Compliance Impact

This vulnerability allows unauthenticated remote attackers to access sensitive configuration data, including router passwords, by downloading the rom-0 backup file. Exposure of such sensitive information can lead to unauthorized access and compromise of network security.

The unauthorized disclosure of sensitive data may violate common standards and regulations such as GDPR and HIPAA, which require protection of sensitive information and proper access controls to prevent data breaches.

Specifically, the vulnerability's impact on confidentiality and lack of authentication controls could result in non-compliance with data protection requirements that mandate safeguarding sensitive information from unauthorized disclosure.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2019-25706. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart