Embedi, a hardware security firm, has published details about two vulnerabilities that have yet to be patched in the firmware of D-Link routers. This marks the second incident of this sort in the last five days. Last Friday, South Korean security researcher Pierre Kim also published public details about ten unpatched vulnerabilities in D-link routers. The flaws affect DIR890L, DIR885L, and DIR 895L router models, Embedi says. The company has fixed one of the three reported bugs, but has not fixed the other two flaws.
Source: https://www.bleepingcomputer.com/news/security/second-researcher-drops-router-exploit-code-after-d-link-mishandles-bug-reports/