The D-Link EXO AX4800 (DIR-X4860) router is vulnerable to remote unauthenticated command execution that could lead to complete device takeovers by attackers with access to the HNAP port. […]
from https://www.bleepingcomputer.com/news/security/poc-exploit-released-for-rce-zero-day-in-d-link-exo-ax4800-routers/