Critical DNS hijacking flaw affects D-Link DSL router, the flaw affects the ZynOS firmware that is used also by other vendors, including TP-Link and ZTE. By exploiting the flaw, the attacker can access the devices Web administration interface without authentication. The attacker can then modify the DNS settings to redirect users to phishing websites or domains used to serve malware. The vulnerability is found in the D-link DSL-2740R model, which has been already phased out.”]
Source: https://securityaffairs.co/wordpress/32857/hacking/dns-hijacking-d-link-dsl-router.html