From gbhackers.com
Two critical vulnerabilities have been discovered in D-Link DIR-X4860 routers which were associated with Authentication bypass due to HNAP port and remote code execution.
Moreover, exploiting these vulnerabilities together could lead to a complete compromise of the vulnerable device.
However, even after reporting this vulnerability to the vendor, there seems to be no update or response from them.
Researchers have publicly disclosed this vulnerability due to no response in the past 30 days.