D-Link has issued a firmware hotfix to address multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. The vulnerabilities include hardcoded passwords, command injection, and information disclosure bugs. Following successful exploitation, attackers can let attackers execute arbitrary code on unpatched routers, gain access to sensitive information or crash the routers after triggering a denial of service state. D-link has patched other severe vulnerabilities in multiple router models in the past, including remote command injection bugs.
Source: https://www.bleepingcomputer.com/news/security/d-link-issues-hotfix-for-hard-coded-password-router-vulnerabilities/